Learn how to use our serverless platform to create voice, video and messaging applications and services by reading our getting started guide. It's the best way to become familiar with the platform architecture and capabilities.
One Tap Authentication enables secure and seamless authentication via mobile operator of the end-user, eliminating the need of passwords/OTPs. One Tap Authentication is used to verify mobile number and active SIM card details of the end-user to ensure that end user is who they claim to be and is in possession and control of the mobile device associated with end user’s mobile number. Authentication process involves two API calls – Initiate and Verify. Initiate API operation is performed first followed by Verify API operation.
This API operation sends request to get authentication-trigger URL. This URL must be triggered on end-user’s handset with mobile data network enabled. Mobile number along with active SIM card details of the end-user will be captured, and details will be sent to mobile network operator of the end-user for authentication.
Variable Name | Description | Data Type |
---|---|---|
mobile | The mobile number of the user in E.164 format e.g., 91XXXXXXXXXX where “91” is a country code. |
String |
userIp | Public IP address (IPv4 or IPv6) used in the mobile network | String |
copy
curl --request POST \
--url 'https://api.apigw.tatacommunications.com/v1/auth/initiate' \
--header 'Authorization: '
--header 'content-type: application/json' \
--data '{
"mobile": "XXXXXXXXXXXX",
"userIp": "XXXXXXXXXXXX"
}'
Variable Name | Description | Data Type |
---|---|---|
code | Status code | Number |
transactionId | Transaction Id generated for the initiate session | String |
url | Authentication-trigger URL of the supported network operator for the provided mobile number and IP address | String |
copy
{
"code": 200,
"transactionId": "OTA21461388817324d40fc0a-ab3c-4bdc-90bc-7d60ec6412c0",
"url": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
This API operation returns authentication status response from mobile network operator for the authentication request of end user whose details were captured during Initiate API operation and during the trigger of authentication-trigger URL.
Variable Name | Description | Data Type |
---|---|---|
transactionId | Transaction Id generated in the corresponding initiate session | String |
copy
curl --request POST \
--url 'https://api.apigw.tatacommunications.com/v1/auth/verify' \
--header 'Authorization: '
--header 'content-type: application/json' \
--data '{
"transactionId": "OTA21461388817324d40fc0a-ab3c-4bdc-90bc-7d60ec6412c0"
}'
Variable Name | Description | Data Type |
---|---|---|
code | Status code | Number |
transactionId | Transaction Id generated in the corresponding initiate session | String |
message | Additional message related to the status of the transaction | String |
status | Status of the transaction. It may be “success”,“pending”, “mismatch” or “failure”.Meanings of the statuses:
“success”: “This means that the Initiate API call has successfully returned an authentication-trigger URL, the authentication-trigger URL has been triggered, and the mobile network operator has confirmed that the provided mobile number, IP address and the details of the active SIM card successfully match and are correct.”, “pending”: “This means that the Initiate API call has successfully returned an authentication-trigger URL, however, the authentication-trigger URL is not yet triggered, or the mobile network operator has not yet provided the authentication status.”, “mismatch”: “This means that the user-handset has dual SIM cards, mobile data of SIM1 is active when the authentication-trigger URL is triggered on the mobile, whereas user has entered mobile number of SIM2 during the corresponding Initiate API call.”, “failure”: “This means that the authentication status is neither ‘success’, ‘pending’ or ‘mismatch’.” |
String |
copy
{
"code": 200,
"transactionId": "OTA21461388817324d40fc0a-ab3c-4bdc-90bc-7d60ec6412c0",
"message": "Phone number and User Ip are both correct",
"status": "success"
}
Authentication response received from mobile network operator can be pushed through callback URL (webhook) configured for Enterprise customers. The following parameters are passed in the callback request.
API Method: POST
Callback Request Body Format: JSON
Callback Request Body
copy
{
"transactionId": "string",
"status": "string",
"timestamp": "string"
}
Anonymize, Authenticate, Programmable SMS
Please fill in your details below and we will get in touch with you shortly
One of our team members will be in contact soon.
Please fill in your details below and we will get in touch with you shortly
One of our team members will be in contact soon.
Please fill in your details below
One of our team members will be in contact soon.
You will need auth token to access our APIs. Please fill in your details below and we will get in touch with you.
One of our team members will be in contact soon.