With the OTP API you can generate one time passwords and verify the response.
Protect your organisation and users against fraudulent login attempts and potential catastrophic effects on your business. CM.com offers a unique Hybrid Two-factor, One Time Password solution that can be delivered via our high quality SMS routes or to your app via Push.
The Base URL is https://api.cmtelecom.com
X-CM-ProductToken - your product token (string)
POST /v1.0/otp/generate
Content-Type: application/json
required
Please note that alphanumeric sender is not supported in all countries.
optional
When allowPush is set to true, a valid app key is required
Example:
{
"recipient": "0031601234567",
"sender": "My company"
}
Response:
"id": "1e12cb10-d14a-4cd6-8d86-e5263cf122ee",
"createdAt": "2015-01-01T13:00:00+0000",
"expireAt": "2015-01-01T13:01:00+0000"
}
POST /v1.0/otp/verify
Content-Type: application/json
required
Example:
{
"id": "1e12cb10-d14a-4cd6-8d86-e5263cf122ee",
"code": "12345"
}
Response:
{
"valid": true
}
Please note: once a code has been successfully validated, it cannot be validated again.
200 = OK
400 = Validation Error (Invalid request, see message in the response)
422 = Unprocessable Entity (Could not send OTP, see message in the response)
500 = Internal Server Error (Unknown error occurred)
In this way you can generate a code.
$ch = curl_init(); $options = array( CURLOPT_URL => 'https://api.cmtelecom.com/v1.0/otp/generate', CURLOPT_HTTPHEADER => array( 'Content-Type: application/json', 'X-CM-ProductToken: 00000000-0000-0000-0000-000000000000', ), CURLOPT_POST => true, CURLOPT_POSTFIELDS => json_encode(array( 'recipient' => '0031600000000', 'sender' => 'CM Telecom', )), CURLOPT_RETURNTRANSFER => true ); curl_setopt_array($ch, $options); $response = curl_exec($ch); curl_close($ch); $generateResponse = json_decode($response);
curl -X POST -H "Content-Type: application/json" -H "X-CM-ProductToken: 00000000-0000-0000-0000-000000000000" -d '{ "recipient": "0031600000000", "sender":"CM Telecom"}' 'https://api.cmtelecom.com/v1.0/otp/generate'
let data: [String : AnyObject] = [ "recipient" : "0031600000000", "sender" : "CM Telecom" ] let request = NSMutableURLRequest(URL: NSURL(string: "https://api.cmtelecom.com/v1.0/otp/generate")!) request.HTTPMethod = "POST" request.HTTPBody = try! NSJSONSerialization.dataWithJSONObject(data, options: []) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.addValue("00000000-0000-0000-0000-000000000000", forHTTPHeaderField: "X-CM-ProductToken") let task = NSURLSession.sharedSession().dataTaskWithRequest(request) { data, response, error in guard error == nil else { print("request error: \(error)") return } if let responseData = data { let responseStr = NSString(data:responseData, encoding: NSUTF8StringEncoding) print("response: \(responseStr)") } else { print("empty response") } } task.resume()
package main import ( "bytes" "encoding/json" "fmt" "io/ioutil" "net/http" ) type Message struct { Recipient string `json:"recipient"` Sender string `json:"sender"` } func main() { url := "https://api.cmtelecom.com/v1.0/otp/generate" msg := Message{ Recipient: "0031600000000", Sender: "CM Telecom", } postData, err := json.Marshal(msg) if err != nil { panic(err) } req, _ := http.NewRequest("POST", url, bytes.NewReader(postData)) req.Header.Add("Content-Type", "application/json") req.Header.Add("X-CM-ProductToken", "00000000-0000-0000-0000-000000000000") res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(string(body)) }
In this way you can verify a code.
$ch = curl_init(); $options = array( CURLOPT_URL => 'https://api.cmtelecom.com/v1.0/otp/verify', CURLOPT_HTTPHEADER => array( 'Content-Type: application/json', 'X-CM-ProductToken: 00000000-0000-0000-0000-000000000000', ), CURLOPT_POST => true, CURLOPT_POSTFIELDS => json_encode(array( 'id' => '1e12cb10-d14a-4cd6-8d86-e5263cf122ee', 'code' => '12345', )), CURLOPT_RETURNTRANSFER => true ); curl_setopt_array($ch, $options); $response = curl_exec($ch); curl_close($ch); $verifyResponse = json_decode($response);
curl -X POST \ https://api.cmtelecom.com/v1.0/otp/verify \ -H 'Content-Type: application/json' \ -H 'X-CM-ProductToken: 00000000-0000-0000-0000-000000000000' \ -d '{ "id": "1e12cb10-d14a-4cd6-8d86-e5263cf122ee", "code": "12345" }'