Getting Started with Voice OTP

Voice OTP is used to verify a mobile number. This verification is done by making a call to the mobile number & playing a sequence of digits. In order to verify the mobile number the user needs to confirm the played sequence of digits.

Voice OTP is commonly used to verify new user registrations in an app or website. Let us see a simple example of sending a Voice OTP.

Sending a simple Voice OTP

Let us assume you have a phone number and have an OTP to send to this number. Sending this OTP to that number consists of three steps.

  1. We will initiate a call to the phone number
  2. When the call is answered, we will fetch an XML from the Answer URL specified while initiating the call
  3. The XML provides instructions to speak the OTP to the customer

Let us look at each of these steps in detail.

Initiating a call to a phone number

For this example we will initiate an outbound call to the phone number specified using Plivo API. This is done in the following code snippet.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

@app.route('/send_otp/', methods=['GET', 'POST'])
def send_otp():
    from_number = '<set from number>'
    to_number = request.form.get('number')
    otp = request.form.get('otp')
    url = 'https://api.plivo.com/v1/Account/MANJBLYWZJOWY1MJGYOD/Call/'
    answer_url = 'http://c3bb61b6.ngrok.io/return_xml/?otp=' + otp
    values = {
        'from': from_number,
        'to': to_number,
        'answer_url': answer_url,
        'answer_method': 'GET'
    }
    headers = {'Content-type': 'application/json'}
    req = requests.post(
        url,
        data=dumps(values),
        auth=HTTPBasicAuth(username, password),
        headers=headers)
    return Response(str(req.text))

The to_number and otp in this example are retrieved from the request posted to the endpoint. The username and password are the AUTH ID and AUTH Token available in the Plivo dashboard. You also need to set the from_number to a number that you own.

The above code snippet fires a call to the to_number using from_number as the caller ID. While initiating the call it also provides a answer_url which will be invoked when the call is answered.

Playing the OTP to the phone number

When the answer_url is invoked it is expected to return an XML file that can speak the OTP to the customer. The XML file expected looks like the one below.

1
2
3

<Response>
    <Speak>Your OTP is 1,2,3,4,5,</Speak>
</Response>

This XML can be generated by using the following code snippet. You can refer to our complete tutorial on setting up dev servers for more information.

1
2
3
4
5
6
7
8
9
10

@app.route('/return_xml/', methods=['GET', 'POST'])
def return_xml():
    otp_input = str(request.args.get('otp'))
    print(otp_input)
    speech_string = ''
    for s in otp_input:
        speech_string = speech_string + s + ','
    resp = '<Response><Speak>Your OTP is {otp}</Speak></Response>'.format(
        otp=speech_string)
    return Response(resp, mimetype='text/xml')

For this example, we have retrieved the OTP from the query parameter when the URL is hit. We are then appending a “,” before every character to speak the digits individually. Then a XML is generated and returned as a response.

Once this XML is returned, the OTP will be played to the customer. For adding more enhancements to OTP refer to the Speak element in Plivo XML.

Modifying the above XML for Voice alerts

Though this tutorial was primarily centered around sending Voice OTP, it can also be used for sending voice notifications and alerts. To do that, the Speak element in the XML needs to be modified to the text that needs to be spoken to the customer.