Two Factor Authentication using SMS for Login/ Forgot Password

SapphireIMS allows you to perform password recovery using forgot Password/Reset Password, allows you to unlock account and it supports two factor authentication for these features along with user logins. The TFA can be enabled using email or SMS or both options.

Following details help you to enable TFA with SMS -

SapphireIMS supports both the push and get SMS API methods of sending SMS.

To configure TFA go to settings> Security setting > Two factor authentication

Here on OTP Mode select SMS or Both,

To understand SapphireIMS prerequisites, click here

The customer will have to first get the service provider’s DLT approval(Distributed Ledger Technology, a new regulation set by TRAI a telecom regulatory authority of India for bulk SMS) for that particular message format, and that same message format should be configured in the SapphireIMS β€œOTP SMS Text Message*” box.

DLT Approved message will look like this: Dear User, your One Time Password(OTP) for Forgot / Change Password is**{#var#}**.Please do not share it with anyone. Thank you,

Where #var# is the variable data type that we must replace with our macros.

The final β€œOTP SMS Text Message*” will look like this: β€œDear User, your One Time Password(OTP) for Forgot / Change Password is MACRO_OTP_CODE. Please do not share it with anyone. Thank you.”

It is up to the customer to decide how many {#var#} they want to add to his message, and you will have to replace them with the appropriate marco. Please keep in mind that the OTP SMS Text message must be identical to the DLT-approved version or the message will not be delivered.

The URL needs to be verified by the postman or browser to determine if the API is triggering the message or not. In SapphireIMS the URL must be put in single line, replacing all the API vender URL and keywords (if needed). Many service providers will refer to the single line URL as HTTP AND HTTPS API FORMAT.

Now update the vendor address according to customer URL, and also the keywords. For example: β€œsendername” can be changed to β€œfrom” or β€œmessage” can be changed to β€œtext.” All these will vary according to the service provider. Set the get or push method and test the configuration.

1 Like