Nexmo Verify is a service that lets you add multi-factor authentication to your application by verifying a PIN code sent to your device via an SMS message or voice call.
This Knowledgebase article provides step-by-step instructions for using Appdome to add Nexmo Verify to any Android and iOS mobile app.
About Appdome for Nexmo Verify’s No-code “Accelerate” service
Nexmo Verify is a full-service two-factor authentication (2FA) solution from Nexmo/Vonage that enables businesses to validate users by sending them a one-time PIN code to their mobile device. Appdome and Nexmo have partnered to offer Nexmo customers an instant, no-code implementation using the Appdome platform, as part of Nexmo’s Accelerate service offering.
Using a simple ‘click to integrate’ user interface, the Appdome platform enables anyone (developers or non-developers) to easily add Nexmo Verify 2FA to any mobile app – instantly, without source code or development.
Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement. Users merely upload mobile apps, select the Nexmo Verify Identity Service and click “Build My App.” The Appdome technology adds Nexmo Verify MFA and more to the app automatically, with no manual development work at all.
Using Appdome there are 2 options to integrate the Nexmo Verify service into any mobile app:
1. Standard – MFA on Login
Using the “MFA on Login” method. With this method, the Nexmo Verify API is automatically triggered after the mobile user successfully authenticates to the app via their first factor (eg. username/password). The Nexmo Verify service sends a one-time pincode to the mobile phone number on record. The user must then enter the pincode into the mobile app when prompted by the app.
2. Custom MFA
Using this method, developers can leverage the app’s own unique event structure to trigger the Nexmo Verify API. When an application is built with Custom MFA, the verification code will be promoted based on the user configuration from the mobile app. When the application attempts to access a protected resource or if Appdome detects successful Built app login with the configured Phone Number Tag, the verification code will be sent to the configured phone number. This verification code will be sent via SMS or a voice call.
Additionally, with DEV-Events™ you can use Appdome to handle in-app events and complete Nexmo Verify authentication internally. For more information on how to use DEV-Events read this KB: Integrating your application with Appdome DEV-Events™ and Nexmo Verify 2FA service.
Prerequisites for Adding Nexmo Verify to Your mobile app
In order to use Appdome’s no code implementation of Nexmo Verify, you will need:
- Appdome account
- Mobile App (.ipa for iOS, or .apk for Android)
- Signing Credentials (e.g., signing certificates and provisioning profile)
- An account for the Nexmo Verify service, and the API Key and API Secret which you get from the Nexmo dashboard:
How to Add Nexmo Verify MFA to Your mobile app
Using Appdome to Build Your Mobile App with Nexmo Verify
To Build an app with Nexmo Verify’s MFA, please follow the steps below:
Click the Build Tab. Note: a blue underline will appear showing the step is active. Select the Identity category
- Click on the toggle to enable Identity Services, Select Nexmo Verify from the drop-down menu
- Enter the API Key you got from Nexmo Dashboard
- Enter the API Secret you got from Nexmo Dashboard
Build your app with MFA on Login:
- Click on the toggle to enable MFA on Login
- By default, MFA on Login detects a phone number sent using a custom header named “X-PhoneNumber“
- Dynamic UI™ automatically enables Appdome to create the necessary UI dialogs to perform the verification process using Nexmo Verify
Build Your App with Custom MFA:
- Click on the toggle to enable Custom MFA
- Enable Authenticate on Resource and add the protected servers which will trigger the authentication process. (optional)
- Enable Customize Login Detect and choose the method by which to detect the login and extract the phone number (optional):
Detect by Header: Enter the HTTP header name whose value is the user’s phone number.
Detect by JSON Body: Enter the JSON key whose value is the user’s phone number. This key will be searched for inside HTTP response payloads.
Detect by OAuth2 Access Token: allows detection of OAuth2 access tokens inside HTTP response payloads and querying the backend for the user’s phone number
- Phone Number Query URL will hold the URL that will be queried for the user’s phone number
- Phone Number JSON Tag will hold the JSON key whose value is the user’s phone number. This key will be searched for inside the query response payload.
- Brand ID (optional): enter a string up to 18 characters which will be included in the verification SMS or voice call. If it is left blank, Appdome Nexmo implementation will use your application name, and the SMS show “<YourApplication> code: 1234. Valid for 5 minutes”.
- API URL (optional): If you are using an alternative Nexmo server, enter here. Otherwise, leave blank. By default, Appdome’s Nexmo Verify implementation will use “https://api.nexmo.com“
Click the Build My App button to complete Appdome’s Nexmo integration into the app.
The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add Nexmo Verify MFA to the mobile app in seconds.
Congratulations! Now you have a mobile app fully integrated with Nexmo Verify MFA.
After you have added Nexmo Verify to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.
Add Context™ to the Appdome-Built App
Appdome is a full-featured mobile integration platform. Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.
Sign the Nexmo Verify enabled Appdome-Built App (Required)
In order to deploy an Appdome Built app, it must be signed. Signing iOS apps and Signing Android apps is easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.
Deploy the Appdome Built App to a Mobile Device
Once you have signed your Appdome Bult app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome-Built apps, please read this knowledge base.
That is it – Enjoy Appdome for Nexmo Verify in your app!
How Do I Learn More?
Request a demo at any time.
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.