Skip the 2-4 week wait for carrier approvals and get directly to testing SNA with your own mobile number using the new Live Test Number feature.
On this page
Verify Silent Network Auth Testing Guide
Verify Silent Network Auth (SNA) allows you to confirm user possession of a mobile phone number without explicit user intervention by communicating directly with mobile carriers. Learn more about how it works with SNA Overview, SNA API Reference, and What is Silent Network Authentication? blog post.
In this guide, we will walk you through testing the entire SNA process step-by-step on your own mobile device without having to make any modifications to your mobile app.
- Create a Twilio Account
- Note your Account SID and Auth Token from the Console .
- Request access to the API and Live Test Number feature. If there are no issues, access will be granted within 24 business hours.
- Create a Verify Service
- Note your Service SID from the Verify Services tab in the Console .
- You will need to use a smartphone associated with an approved carrier (e.g. an iPhone with a Verizon Wireless phone number)
You also have the option to test SNA without carrier approval or a valid Live Test Number. In this testing flow, use Twilio Region US1 for your requests to Start a New SNA Verification for any mobile number and Invoke the SNA URL as described in this guide. Note that requests made to regions outside US1 in this testing flow will fail. When you reach the Check the Verification Attempt result step, you will receive an expected error code.
To begin, use the Start New Verification endpoint with the parameter channel=sna to create a new SNA Verification.
Check your response from the Start New Verification endpoint for the sna.url property. The SNA URL is unique for every Verification Attempt, has a default time-to-live of 10 minutes, and can only be processed once. Once it has been called, it will not be valid anymore.
Note its value for use in the next step:
_10"sna": {_10 "url": "https://mi.dnlsrv.com/m/id/ANBByzx7?data=AAAglRRdNn02iTFWfDWwdTjOzM8o%2F6JB86fH%2Bt%2FFftUPj0pFA0u8%2FibWuYwzmMeMOtdTwYlsO8V%2FXF%2BJmngMhbeGKYhHeTOF2H9VrGEYKcEEklPxHgb5GgL3XtYa33j3lIU%2By6InvoV%2FowWHBzA0QeFPBh6vmJ8LoUPJqGE7q0PRz618Z4ym1AGq%2BaomSq9PlP4rCduv9Cmtxu%2FrvPSBwocs0GCWDE8seK8t9epmPQW7gwODxkAiKr9UxhJd9KvmBVuAQPf%2BoFQVo86USXkhXqTvUzB2bNUYY9FCy3CWgZFTOa1D3H1CVxf1eHzYIswNA7SmOzP%2FBX8g6%2B0hkzwMRkcit3gBNs4evAVJiqAgYvUlrtGwwv9bFx4X7jWSHY4%3D&cipherSalt=yANeDq09bwM38SJs"_10}
You can invoke the URL by sending it to yourself through either email or Slack following the *special instructions* below.
Copy and paste the SNA URL and send it to yourself via email.
Note: Some email clients have security features, such as Microsoft's Safe Links, that scan and open any embedded URLs in the email. The SNA URL is a one-time URL and can be made invalid during such security processes. To work around this in testing, you can use an email client that does not have this kind of security feature or modify the SNA URL from https://... to hxxps://... so the URL is non-clickable and change it back to https://... when you're ready to invoke it on your device. Other mobile email clients do not display the URL, even though the email is received. However, if you forward the email, the URL will be displayed.
To send the SNA URL in Slack, paste it into a preexisting code block. You must create a code block first because pasting the SNA URL directly into the message composer will cause Slack to automatically invalidate the URL.
Create the empty code block using these keyboard shortcuts:
- Mac: Shift + Option + Command + C
- Windows: Ctrl + Alt + Shift + C
Then paste the SNA URL into the code block and send the message.
Before tapping the SNA URL, ensure that your mobile phone's Wi-Fi is turned off and that it is only using cellular data connection. Tap the SNA URL to continue the authentication process. It should open up in your default browser and after a processing time of four seconds or less, land on a screen that looks similar to this:
You can now exit the browser, no further action is required with the response shown on this screen.
(information)
Info
In real implementations, invoke the SNA URL using a POST request.
We recommend using a POST request for real implementations rather than a GET request as is happening in this example, although both HTTP methods will have the same end result. POST requests have increased security due to not being cached in HTTP caches or browser history.
(warning)
Warning
Verifications expire after a 10-minute window that begins after it's created.
If you attempt to check a Verification that has expired then you will get a 404 Not Found error. If you encounter this during testing, restart the flow by starting a new Verification.
Next, send a request to the Verification Check API to confirm that the SNA URL invocation and Verification Attempt were successful.
Check your response from the Verification Check API for the status property. approved means that SNA successfully confirmed user possession of the mobile number provided.
_10"status": { "approved" }
Check your response from the Verification Check API for the sna_attempts_error_codes property. If one or more errors occurred during the SNA process, you will see a list of error codes here. The attempt_sid property refers to the specific Verification Attempt that was created with the Start New Verification endpoint.
You can check the Error and Warning Dictionary for more information on error codes including their possible causes and solutions.
_10"sna_attempts_error_codes": [_10 {_10 "attempt_sid": "VLXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",_10 "code": 60001_10 }