Before you start sending 2FA codes to your users, you first need to create a Verify application on the Plivo console.

An application has several properties:

  • UUID: A unique identifier for your application, automatically generated by Plivo. You must specify the UUID when triggering a request for an OTP.
  • Alias: A friendly name for your application.
  • Supported channels: All applications by default support SMS and voice channels; you can disable voice.
  • Brand name
  • Default template: Plivo lets you select a template for your application from a list of predefined templates for all types of 2FA use cases. A template might look like “Your ${brand} verification code is ${code}.” When you send a code using an application that uses this template, Plivo will replace the variables “brand” and “code” with the brand specified in the application and a code generated with the type and length specified in the application.
  • Code properties: Plivo lets you configure four properties for your application.
    • Length: Indicates the length of the OTP.
    • Expiry: Indicates an expiry interval for each OTP, after which the code will be considered expired.
    • Attempts: Indicates the maximum number of attempts to make to a recipient within the expiry period. Setting a limit on attempts can be helpful in keeping your costs down by avoiding multiple SMS or voice calls to a number that’s inactive or unresponsive.

Create Application - part 1

Create Application - part 2

Things to keep in mind while creating an application

Most businesses will need to create just one application, as 2FA codes for a business tend to be uniform except for the code itself. However, you might want to use four-digit OTPs for your login experience and six-digit OTPs for your checkout experience, or vice versa. Similarly, you might want to use only SMS for logins but SMS and voice channels for payments.