The Curity Identity Server uses SMS providers in various places. Most commonly it’s used by the Sms Authenticator during two factor authentication.
Currently two SMS providers are supported. Twilio and REST. Both are explained in the following sections. Any number of providers can be configured in the system, and left dormant if needed. The usage of a provider is defined in the Authentication Profile on the Sms Provider configuration element. This element references one of the available providers which are defined in the facilities section.
Twilio TwilioWebsite is a cloud Sms and Voice service provider. They provide an easy to use REST API for sending and receiving text messages (among other services). To use Twilio, a Twilio account with SMS enabled is required.
The SMS client can use either Auth Token or API Key. From the Twilio account the following properties are needed to configure the SMS client:
The above parameters can be found in the Twilio account page and are used to configure the twilio sms provider in the facilities section.
Note
If a name is used instead of from number then it will not be found on the Twilio page, but can be arbitrarily selected when configuring Curity.
Sometimes other SMS providers are needed besides Twilio. To give full flexibility here, Curity provides a REST API towards which the organization can build a small SMS REST service. This allows the organization to integrate against any SMS provider without having to extend the functionality of Curity in a simple manner.
Fig. 35 Communication between Curity and a REST SMS backend
For more information on how to develop a REST SMS service see the developer guide.