Step 1: Sign Up & Log In
- Go to Message Central Signup
- Create your free account
- You’ll instantly get 1,000 free credits to test OTPs
Step 2: API Integration (Devs, Assemble!)
We’ve made this so simple you’ll think it’s cheating. Don’t worry, we’ve got ready-made code snippets so you can skip the boilerplate and jump straight to testing.
Not a code-reading fan? We’ve got a video tutorial that walks you through step by step.
API Parameter for Verify Now
The following parameters need to be sent while using VerifyNow APIs.
Rest API Base URLs
All Platform API endpoints below should be prefixed with the following URL:
https://cpaas.messagecentral.comGenerate Token
When using Verify Now’s SMS verification API to send SMS verification codes, the initial call should be to the token generation API.
This API returns a token that must be included in all subsequent calls. An authentication token is needed to validate the user and should be included in the header section of each request.
Request URL Path:
/auth/v1/authentication/tokencURL
1curl --location 'https://cpaas.messagecentral.com/auth/v1/authentication/token?
2customerId=%3CCustomerId%3E&key=%3CBase64%20Encrypted%20password%3E&scope=NEW&country=91
3&email=test%40messagecentral.com' \
4--header 'accept: */*'
NOTE: To convert a cURL command into code using Postman, open Postman, import the cURL command via the "Import" button, and then generate the code in your preferred language by clicking the "Code" button on the right side of the request.
Response JSON
1{
2 "status": Integer,
3 "token": "String"
4}Grab the Opportunity
If you are a developer or a web development agency, partner with us to accelerate your earnings.
Become a Partner
Send OTP
To sendOtp on a mobile number below are the request parameters. The authentication token is required to send OTP which is generated by the generated token API (which you can find above in Introduction section).
Request URL Path:
A successful response will return a 200 status code.
/verification/v3/sendRequest URL Parameters:
cURL
1curl --location --request POST 'https://cpaas.messagecentral.com/verification/v3/send?
2countryCode=91&flowType=SMS&mobileNumber=9999999999' \
3--header 'authToken:
4eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJDLTMzNDMyQTVGNDIGNzQwNCI6ImIhdCI6MTcxMjExOTA0MCwiZXhwIjo'
NOTE: To convert a cURL command into code using Postman, open Postman, import the cURL command via the "Import" button, and then generate the code in your preferred language by clicking the "Code" button on the right side of the request. You can change the flowType basis the channel of your choice.
Response JSON
1{
2 "responseCode": 200,
3 "message": "SUCCESS",
4 "data": {
5 "verificationId": "xxxx",
6 "mobileNumber": "xxxx",
7 "responseCode": "200",
8 "errorMessage": null,
9 "timeout": "60",
10 "smCLI": null,
11 "transactionId": "xxxx"
12 }
13}Validate OTP
The validateOtp method is a REST API endpoint for validating a one-time password (OTP) for customers.
Request URL Path:
A successful response will return a 200 status code.
/verification/v3/validateOtp/- For multiple language support
- by default is English
- For now we support English only
cURL
1curl --location 'https://cpaas.messagecentral.com/verification/v3/validateOtp?
2&verificationId=2949&code=1476' \
3--header 'authToken:
4eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJDLTMzNDMyQTVGNDIGNzQwNCI6ImIhdCI6MTcxMjExOTA0MC'
NOTE: To convert a cURL command into code using Postman, open Postman, import the cURL command via the "Import" button, and then generate the code in your preferred language by clicking the "Code" button on the right side of the request.
Response JSON
A successful response will return a 200 status code.
1{
2 "responseCode": 200,
3 "message": "SUCCESS",
4 "data": {
5 "verficationId": "xxxx",
6 "mobileNumber": "xxxx",
7 "responseCode": "200",
8 "errorMessage": null,
9 "verificationStatus": "VERIFICATION_COMPLETED",
10 "authToken": null,
11 "transactionId": "xxxx"
12 }
13}Response Codes
Help and Support
For implementation support and any feedback, please reach out to us at: support@messagecentral.com
Frequently Asked Questions
How do I integrate text message 2FA using an OTP API?
You integrate text message 2FA by calling an OTP API to send a one-time code, then validating the user’s input via a verification endpoint. The API handles code generation, expiry, retries, and delivery. Platforms like VerifyNow provide ready-to-use REST APIs and SDKs to go live with 2FA OTPs quickly.
How can I send 2FA OTPs via text using a REST API?
To send 2FA OTPs via text, your backend calls a REST API with the user’s phone number and verification type. The API sends the OTP and returns a verification ID. The user submits the code, which you verify through a second API call. VerifyNow supports this flow out of the box.
How fast should text-based 2FA be in the US?
Text-based 2FA in the US should deliver within 1–2 seconds for best user experience. Delivery beyond 5 seconds increases drop-offs. Speed depends on 10DLC registration, carrier routing, and traffic load. VerifyNow optimizes routing to maintain consistently low OTP delivery latency.
How can I improve text OTP delivery rates in the US?
Improve delivery by using 10DLC-registered numbers, approved OTP templates, rate limiting, and retry logic. Avoid spam-triggering content and peak-hour bursts. Adding fallback channels significantly boosts success. VerifyNow includes built-in retries and automatic WhatsApp fallback to maximize verification completion.
Do I need user consent to send text OTPs in the US?
Yes, user consent is required to send text OTPs in the US under TCPA and FCC regulations, though OTPs qualify as transactional messages with potentially less stringent "prior express consent" compared to marketing SMS. VerifyNow uses compliant templates and routes aligned with US carrier rules.
How can I test text OTP APIs without sending real messages?
You can test text OTP APIs using sandbox credentials, mocked responses, or limited test credits. A sandbox simulates OTP send and verify flows without real delivery. VerifyNow also provides free test credits so developers can validate real-world delivery and latency before going live.
What are the most common error codes when sending text OTPs?
Common US text OTP error codes include 30034 (unregistered 10DLC), 30008 (carrier spam filtering), 30023/30024 (rate limiting), and 30007 (carrier congestion). Understanding these codes helps debug delivery issues quickly. VerifyNow surfaces clear diagnostics for each failure.
What does error code 30034 mean in text OTP delivery?
Error code 30034 means your text messages are being blocked because your number or campaign is not registered for 10DLC. US carriers silently reject unregistered A2P traffic. Fix this by registering your brand and OTP use case, or use VerifyNow’s pre-approved 10DLC setup.
Why am I getting error code 30008 even though my message is approved?
Error 30008 indicates carrier spam filtering, not template rejection. Causes include ALL CAPS text, emojis, shortened URLs, or promotional wording. Even approved messages can be filtered. Using clean, pre-approved OTP templates (like those provided by VerifyNow) helps avoid carrier spam filters.
How do I fix OTP failures caused by carrier throttling (30023 / 30024)?
Carrier throttling occurs when message volume exceeds allowed rates. Fix this by implementing rate limits, queueing OTP sends, warming up numbers, and distributing traffic across registered numbers. VerifyNow automatically manages throughput and retries to prevent throttling during traffic spikes.
What should I do when OTPs fail due to carrier congestion (30007)?
Error 30007 means carrier networks are congested, often during peak hours. Best practice is to retry with exponential backoff and use fallback channels. VerifyNow automatically retries and can deliver OTPs via WhatsApp if text delivery is delayed, ensuring users still get verified.