Core FeaturesTemplates

Fyno Verify

Fyno Verify offers a fully managed API for seamless multichannel user verification via OTP or link.

Elevate your onboarding and login process with a single API that handles the entire OTP generation, delivery and verification process in a secure way.

Why Fyno Verify?

Verification is an essential first step in your online relationship with a user. By verifying that a new user is who they say they are, you can reduce spam and fraud on your site while ensuring the user’s security.

Fyno Verify supports SMS, Email, WhatsApp, Push, InApp and Voice.

How to configure Fyno Verify?

In the templates, go to System Variables -> Verify. Click Settings icon

You can configure Fyno Verify in 2 ways.

  1. OTP
  2. Link
You can also configure both OTP and Link in the same template.

How to configure Fyno Verify for OTP?

1Enable OTP toggle.
2

In the pop-up, configure your settings for OTP.

  1. Choose between a numeric or an alphanumeric OTP.
  2. Specify the desired number of characters for the OTP. You can choose between 3 and 6 characters
  3. Define the OTP validation time. You can choose between 60 seconds and 48 hours.
  4. Set the number of allowed retries. You can choose between 1 and 10 retries
3Select Yes in ‘Use destination as id’, if you want to send the destination(email/phone no etc) as id in the request once OTP is entered by the users in your app/website.
4If you choose No in ‘Use destination as id’, then you need to send request_id as part of Fyno Verify API request to verify the OTP.
5By default we will send same OTP to all the channels configured in your template. if you want to send different OTPs to different channels, then select ‘Different OTP for all channels’.
Use {{$fyno.$otp}} as the OTP placeholder in your Fyno template.

1Enable Link toggle.
2In the pop-up, define the Link validation time. You can choose between 60 seconds and 48 hours.
3By default we will send same OTP to all the channels configured in your template. if you want to send different OTPs to different channels, then select ‘Different OTP for all channels’.
4Provide a redirect link if you want to redirect your users to a specific page in your app/website, otherwise leave it black. Users will see a success screen once they click the validation link and its verified.
Use {{$fyno.$link}} as the Link placeholder in your Fyno template.
The generated URL will follow this format: https://fy1.in/verify/x, where x is a 32-character string.

Sample Fyno Verify API requests

  1. If ‘Use destination as id’ is No and ‘Same OTP for all channels’ then: https://api.fyno.io/v1/{{WSID}}/live/verify/validate?request_id=0b59df61-c587-4f44-a669-f0177a161b81&otp=2811

For instance, if a user from Bank XYZ attempts to log in using their customer ID, the bank will send an OTP via SMS and email. The user can retrieve the OTP from either channel and enter it on the bank’s login page.

  • If the OTP validation is successful, Fyno will update it as ‘Verified’ for both Email and SMS in logs.
  • If the OTP validation fails, Fyno will update it as ‘Failed to Verify’ for both Email and SMS in logs.
  1. If ‘Use destination as id’ is No and ‘Different OTP for all channels’ then: https://api.fyno.io/v1/{{WSID}}/live/verify/validate?request_id=0b59df61-c587-4f44-a669-f0177a161b81&otp=2811

For instance, if a user from Bank XYZ attempts to log in using their customer ID, the bank will send different OTP via SMS and email, say ‘4561’ in SMS and ‘7891’ in Email.

  • If the user enters ‘4561’ and OTP validation is successful, Fyno will update it as ‘Verified’ for SMS in logs.
  • If the user enters ‘7891’ and OTP validation is successful, Fyno will update it as ‘Verified’ for Email in logs.
  • If the OTP validation fails, Fyno will update it as ‘Failed to Verify’ for both Email and SMS in logs.
  1. If ‘Use destination as id’ is Yes and ‘Same OTP for all channels’, then: https://api.fyno.io/v1/{{WSID}}/live/verify/validate?otp=2811&destination=91xxxxxxxxxx

For instance, if a user from Bank ABC attempts to log in using their customer ID, the bank will send an OTP via SMS and email. The user can retrieve the OTP from either channel and enter it on the bank’s login page.

  • If the OTP validation is successful, Fyno will update it as ‘Verified’ for both Email and SMS in logs.
  • If the OTP validation fails, Fyno will update it as ‘Failed to Verify’ for both Email and SMS in logs.
  1. If ‘Use destination as id’ is Yes and ‘Different OTP for all channels’, then: https://api.fyno.io/v1/{{WSID}}/live/verify/validate?otp=2811&destination=91xxxxxxxxxx

For instance, if a user from Bank ABC attempts to log in using their customer ID, the bank will send different OTP via SMS and email, say ‘4561’ in SMS and ‘7891’ in Email.

  • If the user enters ‘4561’ and OTP validation is successful, Fyno will update it as ‘Verified’ for SMS in logs.
  • If the user enters ‘7891’ and OTP validation is successful, Fyno will update it as ‘Verified’ for Email in logs.
  • If the OTP validation fails, Fyno will update it as ‘Failed to Verify’ for both Email and SMS in logs.
WSID - Workspace Id
Use {{$fyno.$otp}} as the OTP placeholder in your Fyno template.

How Fyno Verify Works? - A User’s Perspective

For instance, brand ABC is using Fyno Verify to authenticate their users.

  1. User enters their phone number or email in the ABC’s app/website.
  2. ABC triggers Fyno’s Notification event from their backend which generates an OTP
  3. Fyno sends the OTP via selected channel(s) configured in the notification event to the user
  4. User enters the OTP in the brand ABC’s app/website.
  5. ABC backend calls Fyno Verify API to validate the OTP(sample request in the previous section)
  6. Fyno verifies the user-entered OTP and forwards the response to the ABC’s application, yielding four potential outcomes/statuses:
    1. 200: { "status": "ok", "_message": "verified" }
    2. 400: { "status": "error", "_message": "verify-attempt-failed", "attempt_left": 2 }
    3. 400: { "status": "error", "_message": "verify-attempt-exceeded", "attempt_left": 0 }
    4. 400: { "status": "error", "_message": "Not a valid request" }
  7. If the OTP validation fails, the user will have the opportunity to retry. The number of retries allowed is based on the option configured.
  8. Once the user has exhausted all the retries, it is at the discretion of brand ABC to determine the waiting period before allowing the same user to retry.