SMS Two-Factor Authentication (also called Dual-Factor Authentication) is a security verification procedure that is triggered when a user logs in to a website, software or application. During login, the user is automatically sent an SMS to their mobile number containing a unique numeric code.
A number of organizations provide this service, and as long as they have well-documented REST APIs you can easily integrate them with AEM Forms using its data integration capabilities. For the purpose of this tutorial, I have used Nexmo to demonstrate the SMS 2FA use case.
I followed these steps to implement SMS 2FA with AEM Forms using the Nexmo Verify service.
Create developer account
Create a developer account with Nexmo. Make a note of the API Key and API Secret Key. These keys are needed to invoke the REST APIs of the Nexmo service.
Create Swagger/OpenAPI file
OpenAPI Specification (formerly Swagger Specification) is an API description format for REST APIs. An OpenAPI file allows you to describe your entire API, including:
To create your first Swagger/OpenAPI file, please follow the OpenAPI documentation.
Use the Swagger editor to create a Swagger file that describes the operations for sending the OTP code by SMS and for verifying it. The Swagger file can be created in JSON or YAML format. The completed swagger file can be downloaded from here
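As an illustration of what such a file contains, here is an added Swagger 2.0 sketch in YAML; it is not the author's downloadable file. The endpoint paths, parameter names and response fields are assumptions based on Nexmo's Verify API and should be checked against the current Nexmo documentation, and the operation names are hypothetical.

```yaml
swagger: "2.0"
info:
  title: Nexmo Verify (constructed example)
  version: "1.0"
host: api.nexmo.com
basePath: /verify
schemes: [https]
produces: [application/json]
# Credentials are declared as security schemes, not ordinary parameters,
# so they are not modeled as user-supplied input.
securityDefinitions:
  apiKey: {type: apiKey, in: query, name: api_key}
  apiSecret: {type: apiKey, in: query, name: api_secret}
security:
  - apiKey: []
    apiSecret: []
paths:
  /json:
    get:
      operationId: sendCode        # hypothetical operation name
      summary: Send a one-time code by SMS
      parameters:
        - {name: number, in: query, required: true, type: string}
        - {name: brand, in: query, required: true, type: string}
      responses:
        "200":
          description: Verification request accepted or rejected
          schema: {$ref: "#/definitions/VerifyResult"}
  /check/json:
    get:
      operationId: checkCode       # hypothetical operation name
      summary: Check the code the user typed
      parameters:
        - {name: request_id, in: query, required: true, type: string}
        - {name: code, in: query, required: true, type: string}
      responses:
        "200":
          description: Result of the check
          schema: {$ref: "#/definitions/VerifyResult"}
definitions:
  VerifyResult:
    type: object
    properties:
      request_id: {type: string}   # returned by sendCode, passed to checkCode
      status: {type: string}       # "0" means success
      error_text: {type: string}
```

The `request_id` returned by the send operation is the value that ties the later check to the original request, so the form has to carry it from the first call to the second.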