Navbar
shell php

API Documentation

Introduction

Welcome to the Silverstreet API!

The REST API communicates exclusively in JSON over SSL (HTTPS). Request and response data are JSON formatted using UTF-8 encoding and URL encoded values. The only requirement to use our API is to create an account on our portal.

All endpoint URLs begin with a domain name. Which domain name you have to use depends on the location you have created your Silverstreet application for.

Currently we have the following API nodes:

Location Host Callback host
Singapore api-asia-01.silverstreet.com api-asia-01-out.silverstreet.com
Frankfurt api-eu-01.silverstreet.com api-eu-01-out.silverstreet.com

If you are located in Africa, North- or South America, it doesn’t mean you can’t use our services. You can still connect with one of the available nodes.

When our API performs a callback to deliver message results to you, it will come from the callback host listed above. Please make sure that you have white listed the callback hosts to ensure we can deliver the results to you.

It is recommended that you use the media type designation of application/json.

Silverstreet has API nodes at different locations in the world. For some services when you create a service, you have to select for which node. Your service will only be available on that node.

Service Select node
Address Book Yes
Push Yes
Email Yes
SMS No
Number Lookup No
Verification No
VMN App No

Authentication

To authorize, use this code:

curl -X POST https:///v1/wallet/getbalance \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"
?>

With each API call you will need to authenticate yourself via HTTP Basic Authentication. You can do this by setting the request headers. In the request headers you can set the username and password for the authentication. The user name and password must be base64 encoded. For the username you have to fill in silverstreet. If you use one of our libraries or SDK's the username will be done for you, you just have to create an instance and set your API key and node you want to connect to. The base64 encoding of the username and password will be done by cURL and our libraries and SDK's automatically.

Errors

Example error response:

{
    "errorCode": 103,
    "type": "http:\/\/www.w3.org\/Protocols\/rfc2616\/rfc2616-sec10.html",
    "title": "Unprocessable Entity",
    "status": 422,
    "detail": "Invalid token."
}

The Silverstreet API uses standard HTTP status codes to indicate success or failure of your API calls. API calls, which are successful, have a HTTP status code in the range of 2xx. API calls, which have a failure, have a HTTP status code in the range of 4xx. The Silverstreet API can at least return HTTP status codes as shown in the table below. For some status codes an errorCode is added as well.

HTTP Status code Error code Description
200 The HTTP call is successful.
201 The Verification, SMS or Number Lookup is successfully created.
204 The SMS delivery reports and number lookup results are successfully confirmed or the backup codes are successfully deleted.
400 The data you have submitted could not be properly JSON decoded.
401 You have provided an invalid API key. Get the correct API key from our portal (https://portal.silverstreet.com/applications).
402 303 Your wallet is out of credit. Please topup your wallet to ensure you can use our service again.
403 301 Your account is disabled. Please contact our support team to help you further on this.
403 302 Your account is not enabled for the service. You can enable the service in our portal (https://portal.silverstreet.com/accounts).
404 The Verification, SMS or Number Lookup with the specified messageId was not found.
406 Cannot honor Accept type specified, only Accept header 'application/json' is supported. See Authentication example how to set it.
409 You have requested to create backup codes via a HTTP POST but the used identifier already exists. If you want to overwrite the existing entity use HTTP PUT instead.
415 Invalid content-type specified, only Content-type header 'application/json' is supported. See Authentication example how to set it.
422 103 Invalid token. The token entered by the user does not match with the token sent by our API to the user.
423 101 The token you tried to verify was already verified, you are only allowed to check a certain token once.
423 102 The token you tried to verify is expired. The token was not entered by the user within the required time (validity).
423 104 The token you tried to verify is failed. The reason why it is failed is for example because the Verification service of the account is disabled. In that case no token is sent and the user entered a random token.
429 You are sending too fast and your calls are throttled.
5xx An internal system error occurred. When this happens you can retry submitting the message.

Credit balance

Credit balances are represented as follows:

{
    "credit": ,
    "currencyCode": "usd",
    "freeVerifications": ,
    "wallet": "Default wallet"
}

Properties

Property Type Description
credit Float Not null. The current credit balance of your wallet. Can be negative in certain situations.
currencyCode String Not null. This is a 3-digit ISO 4217 code of the currency of your wallet.
freeVerifications Integer Not null. The number of free verifications you have left for this month.
wallet String Not null. The name of your wallet.

Get balance

Retrieve the credit balance of your wallet:

curl https:///v1/wallet/getbalance \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "credit": ,
    "currencyCode": "usd",
    "freeVerifications": ,
    "wallet": "Default wallet"
}
?>

Retrieve the credit balance of your wallet.

HTTP Endpoint

GET /wallet/v1/getbalance

Arguments

None.

Balance alarm webhook

The data we will send to you looks like this:

{
    "credit": ,
    "currencyCode": "usd",
    "freeVerifications": ,
    "wallet": "Default wallet"
}

In case you have configured a balance alarm with a webhook, the system will do a HTTP POST to the configured URL.

Verification

Verifications are represented as follows:

{
    "applicationTag": "Default application",
    "tokenLength": 6,
    "tokenType": "numeric",
    "createdDateTime": "",
    "dcs": 0,
    "issuer": null,
    "language": null,
    "messageId": "eu-01-1.25569.ver583ed178a52521.24988267",
    "reasonCode": null,
    "recipient": "1234567890",
    "salesPrice": 0,
    "salesPriceCurrencyCode": "eur",
    "sender": "Silver",
    "senderNpi": 0,
    "senderTon": 5,
    "sessionId": "3f2d893f-a663-4919-9472-e8b7f4b61fa7",
    "status": "success",
    "statusCode": 1,
    "tag": null,
    "bodyTemplate": "Your verification token is: %token%",
    "type": "sms",
    "validity": 30,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.25569.ver583ed178a52521.24988267"
        }
    }
}

Properties

Property Type Description
applicationTag String Not null. The application used for sending the verification.
tokenLength Integer Can be null. The length of the token as specified when sending the verification or the default value (6).
tokenType String Can be null. The type of the token as specified when sending the verification or the default value (numeric).
createdDateTime String Not null. The datetime the verification was received by the API. The datetime is in ISO-8601 format.
dcs Integer Can be null. The DCS value as specified when sending the verification.
issuer String Can be null. The issuer name as specified when sending the verification.
language String Can be null. Currently not used yet.
messageId String Not null. The unique identifier, generated by the API, of the verification.
reasonCode Integer Can be null. When the verification is rejected or failed a reasonCode can be given explaining the cause of the rejection. See further down below for an overview of possible reasonCodes.
recipient String Not null. The phone number as specified when sending the verification, the token must be send to.
salesPrice Float Can be null. The sales price of the verification. When the verification was a free monthly verification the sales price is 0.
salesPriceCurrencyCode String Can be null. The currency code of the salesPrice field. The currency code is defined by the currency of your wallet. The currencyCode is in the 3-digit ISO 4217 code format.
sender String Can be null. The sender of the token in case of an SMS as specified when sending the verification or the default value. The default value for the sender is Silver.
senderNpi Integer Can be null. The senderNpi of the token in case of an SMS as specified when sending the verification or the automatically detected value by the API. See our tutorial 'Sender' for more information.
senderTon Integer Can be null. The senderTon of the token in case of an SMS as specified when sending the verification or the automatically detected value by the API. See our tutorial 'Sender' for more information.
sessionId String Not null. The sessionId generated by the API when it was left out with the verification request or the sessionId you specified at the verification request. See 'Verification session' for more information.
status String Not null. The status of the verification. The status and statusCode fields are bound together. Possible values are listed in the table below.
statusCode Integer Not null. See status field for more information.
tag String Can be null. The tag as specified when sending the verification.
bodyTemplate String Can be null. The tag value as specified when sending the verification or the default value (Your verification token is: %token%)
type String Not null. The type as specified when sending the verification or the default value (sms)
validity Integer Not null. The validity in seconds as specified when sending the verification or the default value (60).
validUntilDateTime String Not null. The datetime until when the verification is valid. This is calculated by the API based on the validity field.

The status and statusCode fields can have the following values:

Code Status Description
0 no status The token is generated and sent to the phone.
1 success The token is successfully verified. The entered token matches with the token sent to the phone.
2 rejected The verification is rejected by the system and no token is sent to the phone. The reasonCode field indicates the reason why it is rejected. See further down below for an overview of possible reasonCodes.
3 expired The verification is expired as the token was not verified within the specified validity time.
4 failed The verification is failed as the entered token didn’t match with the token sent to the phone. The reasonCode field indicates the reason why it is rejected. See further down below for an overview of possible reasonCodes.

Submit verification

Example submit verification:

curl -X POST https:///v1/verification/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipient" : "1234567890"
    }'

The response looks like this:

{
    "applicationTag": "Default application",
    "tokenLength": null,
    "tokenType": null,
    "createdDateTime": "",
    "dcs": null,
    "issuer": "Silver",
    "language": null,
    "messageId": "eu-01-1.17172.ver583d6255ae66f2.27354409",
    "reasonCode": null,
    "recipient": "1234567890",
    "salesPrice": null,
    "salesPriceCurrencyCode": null,
    "sender": null,
    "senderNpi": null,
    "senderTon": null,
    "sessionId": "3f2d893f-a663-4919-9472-e8b7f4b61fa7",
    "status": "no status",
    "statusCode": 0,
    "tag": null,
    "bodyTemplate": null,
    "type": "sms",
    "validity": null,
    "validUntilDateTime": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.17172.ver583d6255ae66f2.27354409"
        }
    }
}

HTTP Endpoint

POST /verification/submit

Arguments

Key Type Description
recipient String Required. The recipient phone number in international format. It can be a mobile number or a fixed phone number.
type String Optional. The type of token to be send to the phone. Possible values are: biovoice, sms, call, push, telegram, line or facebook_messenger. The default value is sms.
issuer String Required for types push, telegram, line, facebook_messenger. The name to be displayed for the received verification message. See our FAQ about issuer for more information.
tokenLength String Optional. The tokenLength defines the length of the token. The minimum value is 4 and the maximum value 10. The default value is 6. When you set the tokenLength, you have to set the tokenType as well.
tokenType String Optional. Possible values are numeric and alphanumeric. Numeric token will only contain the digits 0-9. For alphanumeric the token contains the digits 0-9 and characters a-z (lowercase). The default value of the tokenType is numeric. When you set the tokenType, you have to set the tokenLength as well.
tag String Optional. The tag is a free text parameter you can use for your own reference. The maximum length of the tag is 30 characters. The tag parameter is returned in the result and you can use it for reporting purposes on your side.
sessionId String Optional. If it is not set the API will automatically generate the value. See 'Verification session' for more information. The maximum length of the sessionId is 54 characters.
validity String Optional. The validity specifies how long the token is valid. The validity is in seconds. If the token is not verified within this time, the token is expired. The minimum value of the validity is 5 seconds and the maximum value is 3600 seconds (= 1 hour). The default value is 60 seconds.
bodyTemplate String Optional. Only for SMS verification. The body template in case an SMS needs to be send. The body template must contain the tag '%token%' which will be used by the system to replace it with the actual token to be send to the end user. The maximum length on the body template is for GSM-7 alphabet 160 characters and for Unicode maximum 70 characters. This is including the token which will be inserted by the system. So if you set a tokenLength of 8, the max length of the bodyTemplate is 160-8=152 characters excluding the text '%token%'. If you do not set the tokenLength, the API will need to consider the maximum length of the token (10) for the maximum bodyTemplate length, so in that case the bodyTemplate can have a maximum length of 150 characters for GSM-7 and 60 for Unicode. Concatenated messages are not possible for these SMS messages. See our tutorial 'Unicode' for more information on the maximum length of the body. Default value for the bodyTemplate is: Your verification token is: %token%
sender String Optional. Only for SMS verification. The sender is what the receiver of the SMS see as the submitter of the SMS. See our tutorial 'Sender' for more information. The default value for the sender is Silver.
senderTon Integer Optional. Only for SMS verification. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
senderNpi Integer Optional. Only for SMS verification. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
dcs Integer Optional. Only for SMS verification. With the DCS parameter you can specify the character set of the bodyTemplate. For GSM-7 the value should be 0 and for Unicode the value should be 8. The default value is 0. See our tutorial 'Unicode' for more information.

Verify token

Example verify a token:

curl https:///v1/verification/submit/eu-01-1.25569.ver583ed178a52521.24988267?token=123456 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "applicationTag": "Default application",
    "tokenLength": 6,
    "tokenType": "numeric",
    "createdDateTime": "",
    "dcs": 0,
    "issuer": null,
    "language": null,
    "messageId": "eu-01-1.25569.ver583ed178a52521.24988267",
    "reasonCode": null,
    "recipient": "1234567890",
    "salesPrice": 0,
    "salesPriceCurrencyCode": "eur",
    "sender": "Silver",
    "senderNpi": 0,
    "senderTon": 5,
    "sessionId": "3f2d893f-a663-4919-9472-e8b7f4b61fa7",
    "status": "success",
    "statusCode": 1,
    "tag": null,
    "bodyTemplate": "Your verification token is: %token%",
    "type": "sms",
    "validity": 30,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.25569.ver583ed178a52521.24988267"
        }
    }
}

HTTP Endpoint

GET /verification/submit/:messageId?token=:token

Arguments

Key Type Description
messageId String Required. The messageId returned with the verification submit.
token String Required. The token entered by the user and you want to verify with the token we sent to the user.

Get status

Example get verification status:

curl https:///v1/verification/submit/<MESSAGE_ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "applicationTag": "Default application",
    "tokenLength": 6,
    "tokenType": "numeric",
    "createdDateTime": "",
    "dcs": 0,
    "issuer": null,
    "language": null,
    "messageId": "eu-01-1.18667.ver583d637356cd58.88711156",
    "reasonCode": null,
    "recipient": "1234567890",
    "salesPrice": 0.024,
    "salesPriceCurrencyCode": "eur",
    "sender": "Silver",
    "senderNpi": 0,
    "senderTon": 5,
    "sessionId": "3f2d893f-a663-4919-9472-e8b7f4b61fa7",
    "status": "success",
    "statusCode": 1,
    "tag": null,
    "bodyTemplate": "Your verification token is: %token%",
    "type": "sms",
    "validity": 30,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.18667.ver583d637356cd58.88711156"
        }
    }
}

HTTP Endpoint

GET /v1/verification/submit/:messageId

Arguments

Key Type Description
messageId String Required. The messageId returned with the verification submit.

Verification reason codes

Reason code Description
201 Insufficient credit.
202 Recipient temporary not available (phone switched off, roaming, handset memory full, etc.).
203 Recipient permanent not available (invalid number, handset doesn't support SMS, blacklisted, etc.).
204 Permanent network error.
205 Temporary network error.
206 Incorrect message parameter.
207 Rejected due to account issue.
208 Rejected due to spam or illegal content.
209 Validity expired.
299 An unknown error occurred.

Verification Widget Session

For more information how to integrate the verification widget, checkout our widget guide.

Properties

The verification sessions are represented as follows:

{
    "sessionToken": "eu-01_1161130_wid59003566562fe8.59122114e17b",
    "applicationTag": "Default application",
    "bodyTemplate": "Your verification token is %token%",
    "createdDateTime": "",
    "dcs": null,
    "issuer": null,
    "language": null,
    "recipient": "601234500000",
    "sender": "Silver",
    "senderNpi": null,
    "senderTon": null,
    "tag": null,
    "tokenLength": 6,
    "tokenType": "numeric",
    "requestedTypes": [
        "sms",
        "call"
    ],
    "allowedTypes": {
        "1": "sms",
        "2": "call"
    },
    "validity": null,
    "status": "success",
    "statusCode": 1,
    "backupCodeIdentifier": null,
    "verificationIds": [
        "eu-01-1.17172.ver583d6255ae66f2.27354409",
        "eu-01-1.18352.ver529c5e45ae72a2.83645283"
    ],
    "verification": {
            "applicationTag": "Default application",
            "bodyTemplate": null,
            "createdDateTime": "",
            "dcs": null,
            "issuer": null,
            "language": null,
            "messageId": "eu-01-1.18352.ver529c5e45ae72a2.83645283",
            "reasonCode": null,
            "recipient": "601234500000",
            "salesPrice": 0.07,
            "salesPriceCurrencyCode": "eur",
            "sender": null,
            "senderNpi": null,
            "senderTon": null,
            "sessionId": "eu-01_1161130_wid59003566562fe8.59122114e17b",
            "status": "success",
            "statusCode": 1,
            "tag": null,
            "tokenLength": null,
            "tokenType": null,
            "type": "sms",
            "validity": null,
            "validUntilDateTime": null,
            "webHook": null,
            "_links": {
                "self": {
                    "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.18352.ver529c5e45ae72a2.83645283"
                }
            },
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget\/verification\/session\/eu-01_1161130_wid59003566562fe8.59122114e17b"
        }
    }
}
Property Type Description
sessionToken String Not null. The unique id identifying this widget verification session.
applicationTag String Not null. The application used for sending the verification.
tokenLength Integer Can be null. The length of the token as specified when sending the verification or the default value (6).
tokenType String Can be null. The type of the token as specified when sending the verification or the default value (numeric).
createdDateTime String Not null. The datetime the verification was received by the API. The datetime is in ISO-8601 format.
dcs Integer Can be null. The DCS value as specified when sending the verification.
issuer String Can be null. The issuer name as specified when sending the verification.
language String Can be null. Currently not used yet.
recipient String Not null. The phone number as specified when sending the verification, the token must be send to.
sender String Can be null. The sender of the token in case of an SMS as specified when sending the verification or the default value. The default value for the sender is Silver.
senderNpi Integer Can be null. The senderNpi of the token in case of an SMS as specified when sending the verification or the automatically detected value by the API. See our tutorial 'Sender' for more information.
senderTon Integer Can be null. The senderTon of the token in case of an SMS as specified when sending the verification or the automatically detected value by the API. See our tutorial 'Sender' for more information.
status String Not null. The status of the widget verification session. The status and statusCode fields are bound together and can have the values as can be found in the table below.
statusCode Integer Not null. See status field for more information.
tag String Can be null. The tag as specified when sending the verification.
bodyTemplate String Can be null. The tag value as specified when sending the verification or the default value (Your verification token is: %token%)
requestedTypes Array Not null. The allowed types as specified when creating the widget verification session.
allowedTypes Array Not null. The allowed types as specified when creating the widget verification session minus types not available for the user. For example when you set backupcode but for the backupCodeIdentifier you specified the API cannot find backup codes, the type will be removed.
validity Integer Not null. The validity in seconds as specified when sending the verification or the default value (60).
backupCodeIdentifier String Can be null. The backupCodeIdentifier if set when creating the session.
totpIdentifier String Can be null. The totpIdentifier if set when creating the session.
verificationIds Array Not null. An array with verification ID's performed during the session.
verification Verification object Can be null. When the session is successfull, this parameter contains the successful verification object.

The status and statusCode fields can have the following values:

Code Status Description
0 no status The widget verification session is created and waiting for the widget to get started and performing verifications.
1 success The widget verification session is successfully verified. The entered token matches with the token sent to the phone.
2 expired The widget verification session is expired as the token was not verified within the specified validity time of the widget verification session.
3 max_attempts The verification has failed the maximum number of attempts of sending verification has reached.

Create verification session

Create a verification session:

curl -X POST https:///v1/widget/session \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipient" : "601234500000"
    }'

The response will look like this:

{
    "sessionToken": "eu-01_1161130_wid59003566562fe8.59122114e17b",
    "applicationTag": "Default application",
    "bodyTemplate": "Your verification token is %token%",
    "createdDateTime": "",
    "dcs": null,
    "issuer": null,
    "language": null,
    "recipient": "601234500000",
    "sender": "Silver",
    "senderNpi": null,
    "senderTon": null,
    "tag": null,
    "tokenLength": 6,
    "tokenType": "numeric",
    "requestedTypes": [
        "sms",
        "call"
    ],
    "allowedTypes": [
        "sms",
        "call"
    ],
    "validity": null,
    "status": "no status",
    "statusCode": 0,
    "backupCodeIdentifier": null,
    "verificationIds": [],
    "verification": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget\/verification\/session\/eu-01_1161130_wid59003566562fe8.59122114e17b"
        }
    }
}

HTTP Endpoint

POST /v1/widget/session

Arguments

Key Type Description
allowedTypes Array Optional. The allowedTypes defines which verification types can be used with the widget. Possible values are: sms, call, biovoice, push, totp, telegram, line or backupcode. When you do not set the parameter, the widget will use as default the types you have set for your account (Open the settings of the account and on the Verification tab select the types you want to allow your users to use). The first type you set as allowed type will be the first verification the widget will perform. The API will filter out certain types when that option is not available for the user. For example when you set 'backupcode' but for the backupCodeIdentifier you specified the API cannot find backup codes, the type will be removed. See 'requestedTypes' and 'allowedTypes' in the status result for more information.
recipient String Required when for the allowedTypes sms or call is included. The recipient is a single phone number in international format. The phone number can be a mobile number or a fixed phone number.
backupCodeIdentifier String Required when for the allowedTypes backupcode is included. The backupCodeIdentifier is the identifier you used for creating the backup codes for the user.
totpIdentifier String Required when for the allowedTypes totp is included. The totpIdentifier is the identifier you used for creating the TOTP for the user.
tokenLength Integer Optional. The tokenLength defines the length of the token. The minimum value is 4 and the maximum value 10. The default value is 6. When you set the tokenLength, you have to set the tokenType as well.
tokenType String Optional. Possible values are numeric and alphanumeric. Numeric token will only contain the digits 0-9. For alphanumeric the token contains the digits 0-9 and characters a-z (lowercase). The default value of the tokenType is numeric. When you set the tokenType, you have to set the tokenLength as well.
tag String Optional. The tag is a free text parameter you can use for your own reference. The maximum length of the tag is 30 characters. The tag parameter is returned in the result and you can use it for reporting purposes on your side.
issuer String Required for verifications of type push, telegram or line. The issuer is the name of the site the user wants to login to. When the user receives the request to confirm he wants to login, the user will get a message like "Please confirm to verify your login of '%issuer%'".
bodyTemplate String Optional. The body template in case an SMS needs to be send. The body template must contain the tag '%token%' which will be used by the system to replace it with the actual token to be send to the end user. The maximum length on the body template is for GSM-7 alphabet 160 characters and for Unicode maximum 70 characters. This is including the token which will be inserted by the system. So if you set a tokenLength of 8, the max length of the bodyTemplate is 160-8=152 characters excluding the text '%token%'. Concatenated messages are not possible for these SMS messages. See our tutorial 'Unicode' for more information on the maximum length of the body. Default value for the bodyTemplate is: Your verification token is: %token%
sender String Optional. The sender is what the receiver of the SMS see as the submitter of the SMS. See our tutorial 'Sender' for more information. The default value for the sender is Silver.
senderTon Integer Optional. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
senderNpi Integer Optional. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
dcs Integer Optional. With the DCS parameter you can specify the character set of the bodyTemplate. For GSM-7 the value should be 0 and for Unicode the value should be 8. The default value is 0. See our tutorial 'Unicode' for more information.

Get session status

Get verification session status:

curl https:///v1/widget/session/:sessionToken?recipient=601234500000 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "sessionToken": "eu-01_1161130_wid59003566562fe8.59122114e17b",
    "applicationTag": "Default application",
    "bodyTemplate": "Your verification token is %token%",
    "createdDateTime": "",
    "dcs": null,
    "issuer": null,
    "language": null,
    "recipient": "601234500000",
    "sender": "Silver",
    "senderNpi": null,
    "senderTon": null,
    "tag": null,
    "tokenLength": 6,
    "tokenType": "numeric",
    "requestedTypes": [
        "sms",
        "call"
    ],
    "allowedTypes": [
        "sms",
        "call"
    ],
    "validity": null,
    "status": "no status",
    "statusCode": 0,
    "backupCodeIdentifier": null,
    "verificationIds": [],
    "verification": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget\/verification\/session\/eu-01_1161130_wid59003566562fe8.59122114e17b"
        }
    }
}

HTTP Endpoint

GET /v1/widget/session/:sessionToken?recipient=:recipient&backupCodeIdentifier=:backupCodeIdentifier&totpIdentifier=:totpIdentifier

Arguments

Key Type Description
sessionToken Array Optional. The allowedTypes defines which verification types can be used with the widget. Possible values are: sms, call, biovoice, push, totp, telegram, line or backupcode. When you do not set the parameter, the widget will use as default the types you have set for your account (Open the settings of the account and on the Verification tab select the types you want to allow your users to use). The first type you set as allowed type will be the first verification the widget will perform. The API will filter out certain types when that option is not available for the user. For example when you set 'backupcode' but for the backupCodeIdentifier you specified the API cannot find backup codes, the type will be removed. See 'requestedTypes' and 'allowedTypes' in the status result for more information.
recipient String Required when for the allowedTypes sms or call is included. The recipient is a single phone number in international format. The phone number can be a mobile number or a fixed phone number.
backupCodeIdentifier String Required when for the allowedTypes backupcode is included. The backupCodeIdentifier is the identifier you used for creating the backup codes for the user.
totpIdentifier String Required when for the allowedTypes totp is included. The totpIdentifier is the identifier you used for creating the TOTP for the user.

Registration Widget Session

For more information how to integrate the registration widget, checkout our widget guide.

Properties

The registration sessions are represented as follows:

{
    "sessionToken": "eu-01_1161130_wid5aab9dec9bca47.995159356758",
    "applicationTag": "Default application",
    "requestedTypes": [
        "sms",
        "call",
    ],
    "registeredTypes": [
        "sms",
        "call",
    ],
    "allowedTypes": [
        "sms",
        "call",
    ],
    "recipient": "601234500000",
    "totpIdentifier": null,
    "backupCodeIdentifier": null,
    "issuer": null,
    "language": "en",
    "status": "no status",
    "statusCode": 0,
    "createdDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget-register-verification\/session\/eu-01_1161130_wid5aab9dec9bca47.995159356758"
        }
    }
}
Property Type Description
sessionToken String Not null. The unique id identifying this widget verification session.
applicationTag String Not null. The application used for sending the verification.
requestedTypes Array Not null. The requested verification types.
registeredTypes Array Not null. The verification types the user is registered for.
allowedTypes Array Not null. The verification types the user is allowed for. This depends on the settings of the used account.
recipient String Not null. The phone number of the recipient.
totpIdentifier String Can be null. The totpIdentifier is the identifier you used for creating the TOTP for the user.
backupCodeIdentifier String Can be null. The backupCodeIdentifier is the identifier you used for creating the backup codes for the user.
issuer String Can be null. The issuer is the name of the site the user wants to login to. When the user receives the request to confirm he wants to login, the user will get a message like "Please confirm to verify your login of '%issuer%'".
language String Can be null. Language used for the verifications. Currently not used.
status String Not null. The status of the registration session. The status and statusCode fields are bound together. Possible values are listed in the table below.
statusCode String Not null. See status for more information.
createdDateTime String Not null. The datetime the verification was received by the API. The datetime is in ISO-8601 format.

The status and statusCode fields can have the following values:

Code Status Description
0 no status The widget verification session is created and waiting for the widget to get started and performing verifications.
1 success The widget verification session is successfully verified. The entered token matches with the token sent to the phone.
2 expired The widget verification session is expired as the token was not verified within the specified validity time of the widget verification session.

Create registration session

Create a registration session:

curl -X POST https:///v1/widget-register-verification/session \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipient" : "601234500000"
    }'

The response will look like this:

{
    "sessionToken": "eu-01_1161130_wid5aab9dec9bca47.995159356758",
    "applicationTag": "Default application",
    "requestedTypes": [
        "sms",
        "call",
    ],
    "registeredTypes": [
        "sms",
        "call",
    ],
    "allowedTypes": [
        "sms",
        "call",
    ],
    "recipient": "601234500000",
    "totpIdentifier": null,
    "backupCodeIdentifier": null,
    "issuer": null,
    "language": "en",
    "status": "no status",
    "statusCode": 0,
    "createdDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget-register-verification\/session\/eu-01_1161130_wid5aab9dec9bca47.995159356758"
        }
    }
}

HTTP Endpoint

POST /v1/widget-register-verification/session

Arguments

Key Type Description
allowedTypes Array Optional. The allowedTypes defines which verification types the user can register for in the widget. Possible values are: sms, call, biovoice, push, totp, telegram, line or backupcode. When you do not set the parameter, the widget will use as default the types you have set for your account (Open the settings of the account and on the Verification tab select the types you want to allow your users to use).
recipient String Required when for the allowedTypes sms or call is included. The recipient is a single phone number in international format. The phone number can be a mobile number or a fixed phone number.
backupCodeIdentifier String Required when for the allowedTypes backupcode is included. The backupCodeIdentifier is the identifier you used for creating the backup codes for the user.
totpIdentifier String Required when for the allowedTypes totp is included. The totpIdentifier is the identifier you used for creating the TOTP for the user.
issuer String Required when you want to use a verification of type push, telegram or line. The issuer is the name of the site the user wants to login to. When the user receives the request to confirm he wants to login, the user will get a message like "Please confirm to verify your login of '%issuer%'".

Backup Codes

Backup codes are represented as follows:

{
    "identifier": "1234567890",
    "amountOfCodesLeft": 10,
    "codes": [
        "73502977",
        "64553227",
        "61260614",
        "91387132",
        "74052942",
        "29371709",
        "22740780",
        "43369151",
        "51168501",
        "19402795"
    ],
    "createdDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/backupcode\/1234567890"
        }
    }
}

Properties

Property Type Description
identifier String Not null. A unique identifier of the user, e.g. an email address.
amountOfCodesLeft Integer Not null. Number of backup codes left to use.
codes Array Not null. An array of generated backup codes.
createdDateTime String Not null. Date time the backup codes are generated.

Create backup codes

Example create backup codes:

curl -X POST https:///v1/backupcode \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "identifier" : "1234567890"
    }'

The response looks like this:

{
    "identifier": "1234567890",
    "amountOfCodesLeft": 10,
    "codes": [
        "73502977",
        "64553227",
        "61260614",
        "91387132",
        "74052942",
        "29371709",
        "22740780",
        "43369151",
        "51168501",
        "19402795"
    ],
    "createdDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/backupcode\/1234567890"
        }
    }
}

HTTP Endpoint

POST /v1/backupcode

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address.

Verify backup codes

Example verify a backup code:

curl https:///v1/backupcode/1234567890?token=73502977 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "identifier": "1",
    "amountOfCodesLeft": 9,
    "codes": [],
    "createdDateTime": "",
    "_embedded": {
        "verification": {
            "applicationTag": "Default application",
            "bodyTemplate": null,
            "createdDateTime": "",
            "dcs": null,
            "language": null,
            "messageId": "eu-01-1.7926.ver5955ec8f6e9640.25672922",
            "reasonCode": null,
            "recipient": "",
            "salesPrice": null,
            "salesPriceCurrencyCode": null,
            "sender": null,
            "senderNpi": null,
            "senderTon": null,
            "sessionId": "",
            "status": "success",
            "statusCode": 1,
            "tag": null,
            "tokenLength": null,
            "tokenType": null,
            "type": "backupcode",
            "validity": null,
            "validUntilDateTime": null,
            "webHook": null,
            "_links": {
                "self": {
                    "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.7926.ver5955ec8f6e9640.25672922"
                }
            }
        }
    },
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/backupcode\/1234567890"
        }
    }
}

HTTP Endpoint

GET /v1/backupcode/:identifier?token=:backupCode

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address.
backupCode String Required. The backup code entered by the user.

Get remaining backup codes

Example get remaining backup codes:

curl https:///v1/backupcode/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "identifier": "1234567890",
    "amountOfCodesLeft": 9,
    "codes": [],
    "createdDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/backupcode\/1234567890"
        }
    }
}

HTTP Endpoint

GET /v1/backupcode/:identifier

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address.

Update backup codes

Example update backup codes:

curl -X PUT https:///v1/backupcode/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"
    -d '{
        "identifier" : "1234567890"
    }'

The response looks like this:

{
    "identifier": "1234567890",
    "amountOfCodesLeft": 10,
    "codes": [
        "73502977",
        "64553227",
        "61260614",
        "91387132",
        "74052942",
        "29371709",
        "22740780",
        "43369151",
        "51168501",
        "19402795"
    ],
    "createdDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/backupcode\/1234567890"
        }
    }
}

Updating backup codes will delete the existing backup codes and generate 10 new backup codes.

HTTP Endpoint

PUT /v1/backupcode/:identifier

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address.

Delete backup codes

Example delete backup codes:

curl -X DELETE https:///v1/backupcode/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /v1/backupcode/:identifier

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address.

TOTP

TOTP's are represented as follows:

{
    "identifier": "1234567890",
    "issuer": "Silver",
    "uri": "otpauth:\/\/totp\/Silverstreet:1234567890?secret=QBC4NBVJO37VZJHDHLKLKM6CVZBBV7MCAWIUZQWOK3ATLIWWPGHA&issuer=Silver",
    "verification": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/totp\/1234567890"
        }
    }
}

Properties

Property Type Description
identifier String Not null. The identifier is a unique identifier of the user, e.g. an email address.
issuer String Not null. The issuer is the name of the site the user wants to login to. The issuer will be visible to the user when he scans the TOTP with the Silverstreet Authenticator app and shows for which website the TOTP is.
uri String Can be null. The URI to generate a QR code.
verification String Can be null. Is set when a TOTP verification is performed.

The URI can be converted to a QR code and scanned by the Silverstreet Authenticator. Check out our help topic 'How to generate a QR code'.

Create TOTP

Example create a TOTP:

curl -X POST https:///v1/totp \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "identifier" : "1234567890",
        "issuer": "Silver"
    }'

The response looks like this:

{
    "identifier": "1234567890",
    "issuer": "Silver",
    "uri": "otpauth:\/\/totp\/Silverstreet:1234567890?secret=QBC4NBVJO37VZJHDHLKLKM6CVZBBV7MCAWIUZQWOK3ATLIWWPGHA&issuer=Silver",
    "verification": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/totp\/1234567890"
        }
    }
}

HTTP Endpoint

POST /v1/totp

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address. The identifier will be visible in the Silverstreet Authenticator app as the application name.
issuer String Required. The issuer is the name of the site the user wants to login to. The issuer will be visible to the user when he scans the TOTP with the Silverstreet Authenticator app and shows for which website the TOTP is.

Verify TOTP

Example verify a TOTP:

curl https:///v1/totp/1234567890?token=012345 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "identifier": "1234567890",
    "issuer": "Silver",
    "uri": null,
    "_embedded": {
        "verification": {
            "applicationTag": "Default application",
            "bodyTemplate": null,
            "createdDateTime": "",
            "dcs": null,
            "issuer": "Silver",
            "language": null,
            "messageId": "eu-01-1.7926.ver5955ec8f6e9640.25672922",
            "reasonCode": null,
            "recipient": "",
            "salesPrice": null,
            "salesPriceCurrencyCode": null,
            "sender": null,
            "senderNpi": null,
            "senderTon": null,
            "sessionId": "",
            "status": "success",
            "statusCode": 1,
            "tag": null,
            "tokenLength": null,
            "tokenType": null,
            "type": "totp",
            "validity": null,
            "validUntilDateTime": null,
            "webHook": null,
            "_links": {
                "self": {
                    "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.7926.ver5955ec8f6e9640.25672922"
                }
            }
        }
    },
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/totp\/1234567890"
        }
    }
}

HTTP Endpoint

GET /v1/totp/:identifier?token=:token

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address. The identifier will be visible in the Silverstreet Authenticator app as the application name.
token String Required. The TOTP token entered by the user and you want to verify with the generated TOTP for the user.

Check status TOTP

Example get status of a TOTP:

curl https:///v1/totp/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "identifier": "1234567890",
    "issuer": "Silver",
    "uri": null,
    "verification": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/totp\/1234567890"
        }
    }
}

HTTP Endpoint

GET /v1/totp/:identifier

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address. The identifier will be visible in the Silverstreet Authenticator app as the application name.

Delete TOTP

Example delete a TOTP:

curl -X DELETE https:///v1/totp/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /v1/totp/:identifier

Arguments

Key Type Description
identifier String Required. The identifier is a unique identifier of the user, e.g. an email address.

Bio Voice

In order to use bio voice, a user first needs to register for it. Once the registration is completed, a subscription is created and a user can be verified via bio voice.

Bio voice verification is a verification based on your voice. In order to be able to do such verification, you first have to register a user for it. This is done via a phone call where the user needs to say a sentence 3 times. Based on this a voice print of the user is created.

So first start a registration, once the registration is completed, a subscription is created. The sentence the user has to say is by default 'Verify me with my voicepin'. If you want a different sentence, please contact our support.

The flow is like this:

  1. Start a Bio voice registration
  2. The Twizo API will start a call to the user and asks to say a sentence 3 times
  3. Wait till the registration is finished
  4. You can check the status for example every 10 seconds
  5. Check the created subscription
  6. Perform a bio voice verification

Create registration

This will initiate a call to the user. While the registration call is in progress, you cannot perform a bio voice verification yet. Start the registration by specifying the phone number of the user.

Example create a bio voice registration:

curl -X POST https:///v1/biovoice/registration \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipient" : "1234567890"
    }'

The response looks like this:

{
    "createdDateTime": "",
    "language": null,
    "reasonCode": 0,
    "recipient": "1234567890",
    "registrationId": "7695.B015a3bc4e6a2b338.39633794",
    "salesPrice": 0.157675,
    "salesPriceCurrencyCode": "sgd",
    "status": "success",
    "statusCode": 1,
    "voiceSentence": "Verify me with my voicepin",
    "webHook": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/biovoice\/registration\/7695.B015a3bc4e6a2b338.39633794"
        }
    }
}

HTTP Endpoint

POST /v1/biovoice/registration

Arguments

Key Type Description
recipient String Required. The phone number of the user.

Check status registration

While the status is 'no_status' the bio voice registration is still in progress. When the status is 'success' the registration is successful and when it is 'failed' the registration failed. When it failed you can start a new registration.

Example get status of a bio voice registration:

curl https:///v1/biovoice/registration/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "createdDateTime": "",
    "language": null,
    "reasonCode": 0,
    "recipient": "1234567890",
    "registrationId": "7695.B015a3bc4e6a2b338.39633794",
    "salesPrice": null,
    "salesPriceCurrencyCode": null,
    "status": "no status",
    "statusCode": 0,
    "voiceSentence": "Verify me with my voicepin",
    "webHook": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/biovoice\/registration\/7695.B015a3bc4e6a2b338.39633794"
        }
    }
}

HTTP Endpoint

GET /v1/biovoice/registration/:recipient

Arguments

Key Type Description
recipient String Required. The phone number of the user.

Check status subscription

The registration is now completed. The registration is now turned into a subscription.

Example get status of a bio voice subscription:

curl https:///v1/biovoice/subscription/1234567890 \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "createdDateTime": "",
    "recipient": "1234567890",
    "voiceSentence": "Verify me with my voicepin",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/biovoice\/subscription\/1234567890"
        }
    }
}
?<

HTTP Endpoint

GET /v1/biovoice/subscription/:recipient

Arguments

Key Type Description
recipient String Required. The phone number of the user.

Delete subscription

Example delete a bio voice subscription:

curl -X DELETE https:///v1/biovoice/subscription/<RECIPIENT> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /v1/biovoice/subscription/:recipient

Arguments

Key Type Description
recipient String Required. The phone number of the user.

SMS (MT)

Properties

SMS messages are represented as follows:

{
    "applicationTag": "test",
    "body": "Body of the SMS",
    "callbackUrl": null,
    "createdDateTime": "",
    "dcs": null,
    "messageId": "eu-01-1.18667.sms583d64765f6b28.36322430",
    "networkCode": 12345,
    "pid": null,
    "reasonCode": 0,
    "recipient": "1234567890",
    "resultType": 0,
    "salesPrice": 0.001,
    "salesPriceCurrencyCode": "eur",
    "scheduledDelivery": null,
    "sender": "Hello world",
    "senderNpi": 0,
    "senderTon": 5,
    "status": "delivered",
    "statusCode": 1,
    "tag": null,
    "resultTimestamp": "",
    "udh": null,
    "validity": 259200,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submit\/eu-01-1.18667.sms583d64765f6b28.36322430"
        }
    }
}
Property Type Description
applicationTag String Not null. The application used for sending the SMS.
body String Not null. The body as specified when sending the SMS.
callbackUrl String Can be null. The callback URL specified when sending the SMS. Our system will call this URL to return the delivery report of the SMS.
createdDateTime String Not null. The datetime the SMS was received by the API. The datetime is in ISO-8601 format.
dcs Integer Can be null. The DCS value as specified when sending the SMS.
messageId String Not null. The unique identifier, generated by the API, of the SMS.
networkCode String Can be null. The network code of the operator the mobile number is subscribed to. The network code is the MCC (Mobile Country Code) and MNC (Mobile Network Code) concatenated.
pid Integer Can be null. The PID value as specified when sending the SMS.
reasonCode Integer Can be null. When the SMS is rejected or could not be delivered a reasonCode is given explaining the cause of the rejection. See further down below for an overview of possible reasonCodes
recipient String Not null. The phone number as specified when sending the SMS.
resultType Integer Not null. The result type specified when sending the SMS. Possible values can be found in the table below.
salesPrice Float Can be null. The sales price of the SMS.
salesPriceCurrencyCode String Can be null. The currency code of the salesPrice field. The currency code is defined by the currency of your wallet. The currencyCode is in the 3-digit ISO 4217 code format.
scheduledDelivery String Can be null. The scheduled delivery time as specified when sending the SMS.
sender String Not null. The sender of the SMS as specified when sending the SMS.
senderNpi Integer Can be null. The senderNpi of the SMS as specified when sending the SMS or the automatically detected value by the API. See our tutorial 'Sender' for more information.
senderTon Integer Can be null. The senderTon of the SMS as specified when sending the SMS or the automatically detected value by the API. See our tutorial 'Sender' for more information.
status String Not null. The status of the SMS. The status and statusCode fields are bound together and can have the values as can be found in the table below.
statusCode Integer Not null. See status field for more information.
tag String Can be null. The tag as specified when sending the SMS.
resultTimestamp String Can be null. The timestamp when the message is delivered to the mobile phone.
udh String Can be null. The UDH as specified when sending the SMS.
validity Integer Not null. The validity in seconds as specified when sending the SMS or the default value (60).
validUntilDateTime String Can be null. The datetime until when the SMS is valid. This is calculated by the API based on the validity field.

The resultType field can have the following values:

Value Description
0 No results (default)
1 Callback (you have to specify the callbackUrl)
2 Polling
3 Callback & polling (you have to specify the callbackUrl)

The status and statusCode fields can have the following values:

Code Status Description
0 no status The SMS is received by our system. This is a temporary status, a final status will follow later.
1 delivered The SMS is successfully delivered to the mobile phone.
2 rejected The SMS is rejected by the system and is not sent to the phone. The reasonCode field indicates the reason why it is rejected. See further down below for an overview of possible reasonCodes.
3 expired The SMS is expired as it could not be delivered within the specified validity time.
4 enroute The SMS is on it's way in the mobile network and will be tried to deliver at a later moment. This is a temporary status, a final status will follow later.
5 buffered The SMS is buffered in a queue in the mobile network and will be tried to deliver at a later moment. This is a temporary status, a final status will follow later.
6 accepted The SMS is accepted by the mobile network and will be tried to deliver at a later moment. This is a temporary status, a final status will follow later.
7 undelivered The SMS could not be delivered.
8 deleted The SMS is deleted and will not be delivered.
9 unknown The SMS could not be delivered due to an unknown reason.

Submit simple SMS

Submit a simple SMS:

curl -X POST https:///v1/sms/submitsimple \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipients" : ["1234567890"],
        "body" : "Body of the sms",
        "sender" : "Hello world"
    }'

The response will look like this:

{
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submit"
        }
    },
    "_embedded": {
        "items": [
            {
                "applicationTag": "test",
                "body": "Body of the SMS",
                "callbackUrl": null,
                "createdDateTime": "",
                "dcs": null,
                "messageId": "eu-01-1.18667.sms583d64765f6b28.36322430",
                "networkCode": null,
                "pid": null,
                "reasonCode": null,
                "recipient": "1234567890",
                "resultType": 0,
                "salesPrice": null,
                "salesPriceCurrencyCode": null,
                "scheduledDelivery": null,
                "sender": "Hello world",
                "senderNpi": 0,
                "senderTon": 5,
                "status": "no status",
                "statusCode": 0,
                "tag": null,
                "resultTimestamp": null,
                "udh": null,
                "validity": 259200,
                "validUntilDateTime": "",
                "_links": {
                    "self": {
                        "href": "https:\/\/\/v1\/sms\/submit\/eu-01-1.18667.sms583d64765f6b28.36322430"
                    }
                }
            }
        ]
    },
    "total_items": 1
}

When submitting a simple SMS, the API will split up long SMS into multiple parts as an SMS has a maximum length. Check our tutorial 'Concatenated/long SMS' for more information on concatenated SMS.

HTTP Endpoint

POST /v1/biovoice/sms/submitsimple

Arguments

Key Type Description
recipients Array Required. It should be an array of phone numbers (in string format), in international format, for the SMS. At least 1 number must be set and maximum 1000.
body String Required. The body of the SMS. The API will automatically determine if the body is Unicode or not and when the body is too long for a single SMS the API will automatically split up the body into multiple parts. The maximum number of concatenated parts is 9. See our tutorials 'Unicode' and 'Concatenated/long SMS' for more information.
sender String Required. The sender is what the receiver of the SMS see as the submitter of the SMS. See our tutorial 'Sender' for more information. When it is numeric the maximum length is 17 digits, when it is alphanumeric the maximum length is 11.
senderTon String Optional. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
senderNpi String Optional. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
pid String Optional. Can be used to send hidden SMS. Allowed values: 0-255. See also GSM specification.
scheduledDelivery String Optional. Datetime of scheduled delivery. Must be in ISO-8601 format, example: .
tag String Optional. The tag is a free text parameter you can use for your own reference. The maximum length of the tag is 30 characters. The tag parameter is returned in the result and you can use it for reporting purposes on your side.
validity String Optional. The validity specifies how long the message is valid. The validity is in seconds. If the message could not be delivered within this time, the message will expire and no more attempts will be made to deliver it. The minimum value of the validity is 5 seconds and the maximum value is 259200 seconds (= 72 hours). The default value is 259200 seconds.
resultType String Optional. The result type specified when sending the SMS. Possible values can be found in the table below.
callbackUrl String Required when resultType is set to 1 or 3. When the callbackUrl is set, this URL will be used by our system to submit status updates to you. This parameter is only allowed when the resultType parameter is set to 1 or 3.

The resultType field can have the following values:

Value Description
0 No results (default)
1 Callback (you have to specify the callbackUrl)
2 Polling
3 Callback & polling (you have to specify the callbackUrl)

Submit advanced SMS

Submit an advanced SMS:

curl -X POST https:///v1/sms/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipients" : ["1234567890"],
        "body" : "Body of the sms",
        "sender" : "Hello world"
    }'

The response will look like this:

{
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submit"
        }
    },
    "_embedded": {
        "items": [
            {
                "applicationTag": "test",
                "body": "Body of the SMS",
                "callbackUrl": null,
                "createdDateTime": "",
                "dcs": null,
                "messageId": "eu-01-1.18667.sms583d64765f6b28.36322430",
                "networkCode": null,
                "pid": null,
                "reasonCode": null,
                "recipient": "1234567890",
                "resultType": 0,
                "salesPrice": null,
                "salesPriceCurrencyCode": null,
                "scheduledDelivery": null,
                "sender": "Hello world",
                "senderNpi": 0,
                "senderTon": 5,
                "status": "no status",
                "statusCode": 0,
                "tag": null,
                "resultTimestamp": null,
                "udh": null,
                "validity": 259200,
                "validUntilDateTime": "",
                "_links": {
                    "self": {
                        "href": "https:\/\/\/v1\/sms\/submit\/eu-01-1.18667.sms583d64765f6b28.36322430"
                    }
                }
            }
        ]
    },
    "total_items": 1
}

HTTP Endpoint

POST /v1/biovoice/sms/submit

Arguments

Key Type Description
recipients Array Required. It should be an array of phone numbers (in string format), in international format, for the SMS. At least 1 number must be set and maximum 1000.
body String Required. This is a mandatory string parameter. The body of the SMS. The body shall be send in GSM-7 alphabet and the maximum length is 160 characters. When you want to send characters not in the GSM-7 alphabet you have to send it as Unicode. In that case you have to set the DCS to 8. The maximum length is in that case 70 characters. When you send a concatenated message, you have to set a UDH as well and the maximum length for GSM-7 is then 153 characters and for Unicode 67 characters. See our tutorials 'Unicode' and 'Concatenated/long SMS' for more information.
sender String Required. The sender is what the receiver of the SMS see as the submitter of the SMS. See our tutorial 'Sender' for more information. When it is numeric the maximum length is 17 digits, when it is alphanumeric the maximum length is 11.
senderTon Integer Optional. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
senderNpi Integer Optional. If it is not set the API will automatically detect the value. See our tutorial 'Sender' for more information.
pid Integer Optional. Can be used to send hidden SMS. Allowed values: 0-255. See also GSM specification.
dcs Integer Optional. Can be used to mark body as Unicode (8). Allowed values: 0-255. See also GSM specification.
udh String Required for long SMS. Can only consist of hexadecimal characters. Length in this parameter divided by 2 is subtracted from the maximum body length. See also GSM specification.
scheduledDelivery String Optional. Datetime of scheduled delivery. Must be in ISO-8601 format, example: .
tag String Optional. The tag is a free text parameter you can use for your own reference. The maximum length of the tag is 30 characters. The tag parameter is returned in the result and you can use it for reporting purposes on your side.
validity String Optional. The validity specifies how long the message is valid. The validity is in seconds. If the message could not be delivered within this time, the message will expire and no more attempts will be made to deliver it. The minimum value of the validity is 5 seconds and the maximum value is 259200 seconds (= 72 hours). The default value is 259200 seconds.
resultType String Optional. The result type specified when sending the SMS. Possible values can be found in the table below.
callbackUrl String Required when resultType is set to 1 or 3. When the callbackUrl is set, this URL will be used by our system to submit status updates to you. This parameter is only allowed when the resultType parameter is set to 1 or 3.

The resultType field can have the following values:

Value Description
0 No results (default)
1 Callback (you have to specify the callbackUrl)
2 Polling
3 Callback & polling (you have to specify the callbackUrl)

Get SMS status

To get the SMS status:

curl https:///v1/sms/submit/<MESSAGE_ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "applicationTag": "test",
    "body": "Body of the SMS",
    "callbackUrl": null,
    "createdDateTime": "",
    "dcs": null,
    "messageId": "eu-01-1.18667.sms583d64765f6b28.36322430",
    "networkCode": 12345,
    "pid": null,
    "reasonCode": 0,
    "recipient": "1234567890",
    "resultType": 0,
    "salesPrice": 0.001,
    "salesPriceCurrencyCode": "eur",
    "scheduledDelivery": null,
    "sender": "Hello world",
    "senderNpi": 0,
    "senderTon": 5,
    "status": "delivered",
    "statusCode": 1,
    "tag": null,
    "resultTimestamp": "",
    "udh": null,
    "validity": 259200,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submit\/eu-01-1.18667.sms583d64765f6b28.36322430"
        }
    }
}

HTTP Endpoint

GET /v1/biovoice/sms/submit/:messageId

Arguments

Key Type Description
messageId String Required. The unique identifier of the SMS.

Get SMS delivery reports

To get SMS delivery reports:

curl https:///v1/sms/poll \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "batchId": "12467857ea2d2f8867d3.73020448",
    "count": 1,
    "_embedded": {
        "messages": [
            {
                "applicationTag": "test",
                "body": "Body of the SMS",
                "callbackUrl": null,
                "createdDateTime": "",
                "dcs": null,
                "messageId": "eu-01-1.18667.sms583d64765f6b28.36322430",
                "networkCode": 12345,
                "pid": null,
                "reasonCode": 0,
                "recipient": "1234567890",
                "resultType": 0,
                "salesPrice": 0.001,
                "salesPriceCurrencyCode": "eur",
                "scheduledDelivery": null,
                "sender": "Hello world",
                "senderNpi": 0,
                "senderTon": 5,
                "status": "delivered",
                "statusCode": 1,
                "tag": null,
                "resultTimestamp": "",
                "udh": null,
                "validity": 259200,
                "validUntilDateTime": "",
                "_links": {
                    "self": {
                        "href": "https:\/\/\/v1\/sms\/submit\/eu-01-1.18667.sms583d64765f6b28.36322430"
                    }
                }
            }
        ]
    },
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/poll\/12467857ea2d2f8867d3.73020448"
        }
    }
}

Depending on the value of the resultType field when submitting SMS, you can poll for SMS delivery reports. Each time you check for delivery reports you will receive up to maximum 10 delivery reports at a time. When you received the delivery reports you will need to confirm them so that our system knows you received them correctly. When you are using one of our libraries or SDK's you do not have to confirm the delivery reports, it will be done for you, so you don't have to confirm.

HTTP Endpoint

GET /v1/sms/poll

Arguments

None.

Confirm SMS delivery reports

To confirm SMS delivery reports:

curl -X DELETE https:///v1/sms/poll/:batchId \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /v1/sms/poll/:batchId

Arguments

Key Description
batchId The batchId returned when retrieving the SMS delivery reports.

SMS delivery report webhook

The SMS delivery report will look like this:

{
    "applicationTag": "test",
    "body": "Body of the SMS",
    "callbackUrl": null,
    "createdDateTime": "",
    "dcs": null,
    "messageId": "eu-01-1.18667.sms583d64765f6b28.36322430",
    "networkCode": 12345,
    "pid": null,
    "reasonCode": 0,
    "recipient": "1234567890",
    "resultType": 0,
    "salesPrice": 0.001,
    "salesPriceCurrencyCode": "eur",
    "scheduledDelivery": null,
    "sender": "Hello world",
    "senderNpi": 0,
    "senderTon": 5,
    "status": "delivered",
    "statusCode": 1,
    "tag": null,
    "resultTimestamp": "",
    "udh": null,
    "validity": 259200,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submit\/eu-01-1.18667.sms583d64765f6b28.36322430"
        }
    }
}

In case you have requested to receive the SMS delivery reports via a webhook, the system will do a HTTP POST to your configured URL.

SMS reason codes

Reason code Description
201 Insufficient credit.
202 Recipient temporary not available (phone switched off, roaming, handset memory full, etc.).
203 Recipient permanent not available (invalid number, handset doesn't support SMS, blacklisted, etc.).
204 Permanent network error.
205 Temporary network error.
206 Incorrect message parameter.
207 Rejected due to account issue.
208 Rejected due to spam or illegal content.
209 Validity expired.
299 An unknown error occurred.

Incoming SMS (MO)

Properties

Number lookups are represented as follows:

{
    "body": "Hello world",
    "createdDateTime": "",
    "keyword": null,
    "networkCode": null,
    "recipient": "1234567890",
    "sender": "Silver",
    "udh": null
}
Property Type Description
body String Not null. The body of the incoming SMS.
createdDateTime Integer The datetime the incoming SMS was received by our platform. The datetime is in ISO-8601 format.
keyword String If you have configured keyword for your VMN and the message begins with the keyword, the keyword will be set in this field.
networkCode String The network code of the operator of the mobile number who sent the SMS. The network code is the MCC (Mobile Country Code) and MNC (Mobile Network Code) concatenated.
recipient String The recipient is the mobile number when the MO is sent to, so the VMN configured for you.
sender String The mobile number who sent the SMS.
udh String When the mobile number who sent the SMS sent a long SMS, it will be split up by the network into parts. Each part will have a UDH which you can use to combine it to one text again. See our tutorial on Concatenated/long SMS for more details.

Incoming SMS webhook

The incoming message looks like this:

{
    "body": "Hello world",
    "createdDateTime": "",
    "keyword": null,
    "networkCode": null,
    "recipient": "1234567890",
    "sender": "Silver",
    "udh": null
}

In case an incoming SMS is received by our platform, the system will do a HTTP POST to your configured URL.

Number Lookup

Properties

Number lookups are represented as follows:

{
    "applicationTag": "Default application",
    "callbackUrl": null,
    "countryCode": "es",
    "createdDateTime": "",
    "imsi": "214031500000000",
    "messageId": "eu-01-1.19910.nrl583d65f60cdc75.96102916",
    "msc": null,
    "networkCode": 12345,
    "number": "1234567890",
    "operator": "(SPAIN)ORANGE",
    "reasonCode": 0,
    "resultType": 0,
    "salesPrice": 0.00011,
    "salesPriceCurrencyCode": "eur",
    "status": "delivered",
    "statusCode": 1,
    "tag": null,
    "resultTimestamp": "",
    "validity": 60,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/numberlookup\/submit\/eu-01-1.19910.nrl583d65f60cdc75.96102916"
        }
    }
}
Property Type Description
applicationTag String Not null. The application used for sending the Number Lookup.
callbackUrl String Can be null. The callback URL specified when sending the Number Lookup. Our system will call this URL to return the result of the Number Lookup.
countryCode String Can be null. A two digit ISO 3166-1 alpha-2 code of the country of the operator the mobile number is subscribed to.
createdDateTime String Not null. The datetime the Number Lookup was received by the API. The datetime is in ISO-8601 format.
imsi String Can be null. The IMSI (International Mobile Subscriber Identity) of the SIM card the mobile number is linked to.
messageId String Not null. The unique identifier, generated by the API, of the Number Lookup.
msc String Can be null. The MSC (Mobile Switching Center) of the operator the mobile phone is currently registered to. This can be used to identify if a mobile phone is currently roaming or not.
networkCode Integer Can be null. The network code of the operator the mobile number is subscribed to. The network code is the MCC (Mobile Country Code) and MNC (Mobile Network Code) concatenated.
number String Not null. The phone number as specified when sending the Number Lookup.
operator String Can be null. The name of the operator the mobile number is subscribed to.
reasonCode Integer Can be null. When the Number Lookup is rejected or could not be performed a reasonCode is given explaining the cause of the rejection. See further down below for an overview of possible reasonCodes
resultType Integer Can be null. The result type specified when sending the Number Lookup. Possible values can be found in the table below.
salesPrice Float Can be null. The sales price of the Number Lookup.
salesPriceCurrencyCode String Can be null. The currency code of the salesPrice field. The currency code is defined by the currency of your wallet. The currencyCode is in the 3-digit ISO 4217 code format.
status String Not null. The status of the SMS. The status and statusCode fields are bound together and can have the values as can be found in the table below.
statusCode Integer Not null. See status field for more information.
tag String Can be null. The tag as specified when sending the Number Lookup.
resultTimestamp String Can be null. The timestamp when the Number Lookup was performed.
validity Integer Not null. The validity in seconds as specified when sending the Number Lookup or the default value (60).
validUntilDateTime String Can be null. The datetime until when the Number Lookup is valid. This is calculated by the API based on the validity field.

The resultType field can have the following values:

Value Description
0 No results (default)
1 Callback (you have to specify the callbackUrl)
2 Polling
3 Callback & polling (you have to specify the callbackUrl)

The status and statusCode fields can have the following values:

Code Status Description
0 no status The Number Lookup is received by our system. This is a temporary status, a final status will follow later.
1 delivered The Number Lookup is successfully performed.
2 rejected The Number Lookup is rejected by the system and is not performed. The reasonCode field indicates the reason why it is rejected. See further down below for an overview of possible reasonCodes.
3 expired The Number Lookup is expired as it could not be performed within the specified validity time.
4 enroute The Number Lookup is on it's way in the mobile network and will be tried to perform at a later moment. This is a temporary status, a final status will follow later.
5 buffered The Number Lookup is buffered in a queue in the mobile network and will be tried to perform at a later moment. This is a temporary status, a final status will follow later.
6 accepted The Number Lookup is accepted by the mobile network and will be tried to perform at a later moment. This is a temporary status, a final status will follow later.
7 undelivered The Number Lookup could not be performed.
8 deleted The Number Lookup is deleted and will not be performed.
9 unknown The Number Lookup could not be performed due to an unknown reason.

Submit number lookup

Submit a simple SMS:

curl -X POST https:///v1/numberlookup/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "numbers" : ["1234567890"]
    }'

The response will look like this:

{
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/numberlookup\/submit"
        }
    },
    "_embedded": {
        "items": [
            {
                "applicationTag": "Default application",
                "callbackUrl": null,
                "countryCode": null,
                "createdDateTime": "",
                "imsi": null,
                "messageId": "eu-01-1.19910.nrl583d65f60cdc75.96102916",
                "msc": null,
                "networkCode": null,
                "number": "1234567890",
                "operator": null,
                "reason": null,
                "resultType": 0,
                "salesPrice": null,
                "salesPriceCurrencyCode": null,
                "status": "no status",
                "statusCode": 0,
                "tag": null,
                "resultTimestamp": null,
                "validity": 60,
                "validUntilDateTime": "",
                "_links": {
                    "self": {
                        "href": "https:\/\/\/v1\/numberlookup\/submit\/eu-01-1.19910.nrl583d65f60cdc75.96102916"
                    }
                }
            }
        ]
    },
    "total_items": 1
}

HTTP Endpoint

POST /v1/numberlookup/submit

Arguments

Key Type Description
numbers Array Required. The phone numbers in international format you want to perform a number lookup for.
tag Array Optional. The tag is a free text parameter you can use for your own reference. The maximum length of the tag is 30 characters. The tag parameter is returned in the result and you can use it for reporting purposes on your side.
validity Array Optional. The validity specifies how long the Number Lookup is valid. The validity is in seconds. If the Number Lookup could not be performed within this time, the Number Lookup is expired. The minimum value of the validity is 5 seconds and the maximum value is 259200 seconds (= 72 hours). The default value is 259200 seconds.
resultType Array Optional. The result type specified when sending the Number Lookup. Possible values can be found in the table below.
callbackUrl Array Required when resultType is set to 1 or 3. When the callbackUrl is set, this URL will be used by our system to submit status updates to you. This parameter is only allowed when the resultType parameter is set to 1 or 3.

The resultType field can have the following values:

Value Description
0 No results (default)
1 Callback (you have to specify the callbackUrl)
2 Polling
3 Callback & polling (you have to specify the callbackUrl)

Get number lookup status

To get the Number Lookup status:

curl https:///v1/numberlookup/submit/<MESSAGE_ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "applicationTag": "Default application",
    "callbackUrl": null,
    "countryCode": "es",
    "createdDateTime": "",
    "imsi": "214031500000000",
    "messageId": "eu-01-1.19910.nrl583d65f60cdc75.96102916",
    "msc": null,
    "networkCode": 12345,
    "number": "1234567890",
    "operator": "(SPAIN)ORANGE",
    "reasonCode": 0,
    "resultType": 0,
    "salesPrice": 0.00011,
    "salesPriceCurrencyCode": "eur",
    "status": "delivered",
    "statusCode": 1,
    "tag": null,
    "resultTimestamp": "",
    "validity": 60,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/numberlookup\/submit\/eu-01-1.19910.nrl583d65f60cdc75.96102916"
        }
    }
}

HTTP Endpoint

GET /v1/numberlookup/submit/:messageId

Arguments

Key Type Description
messageId String Required. The messageId returned with the verification submit.

Get number lookup results

To get Number Lookup results:

curl https:///v1/numberlookup/poll \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "batchId": "12467857ea2d2f8867d3.73020448",
    "count": 1,
    "_embedded": {
        "messages": [
            {
                "applicationTag": "Default application",
                "callbackUrl": null,
                "countryCode": "es",
                "createdDateTime": "",
                "imsi": "214031500000000",
                "messageId": "eu-01-1.19910.nrl583d65f60cdc75.96102916",
                "msc": null,
                "networkCode": 12345,
                "number": "1234567890",
                "operator": "(SPAIN)ORANGE",
                "reason": 0,
                "resultType": 0,
                "salesPrice": 0.00011,
                "salesPriceCurrencyCode": "eur",
                "status": "delivered",
                "statusCode": 1,
                "tag": null,
                "resultTimestamp": "",
                "validity": 60,
                "validUntilDateTime": "",
                "_links": {
                    "self": {
                        "href": "https:\/\/\/v1\/numberlookup\/submit\/eu-01-1.19910.nrl583d65f60cdc75.96102916"
                    }
                }
            }
        ]
    },
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/numberlookup\/poll\/12467857ea2d2f8867d3.73020448"
        }
    }
}

Depending on the value of the resultType field when submitting the Number Lookup, you can poll for Number Lookup results. Each time you check for delivery reports you will receive up to maximum 10 results at a time. When you received the results you will need to confirm them so that our system knows you received them correctly. When you are using one of our libraries or SDK's you do not have to confirm the results, it will be done for you, so you don't have to confirm.

HTTP Endpoint

GET /v1/numberlookup/poll

Arguments

None.

Confirm Number Lookup results

To confirm Number Lookup results:

curl -X DELETE https:///v1/numberlookup/poll/:batchId \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /v1/numberlookup/poll/:batchId

Arguments

Key Description
batchId The batchId returned when retrieving the Number lookup results.

Number lookup result webhook

The number lookup result will look like this:

{
    "applicationTag": "Default application",
    "callbackUrl": null,
    "countryCode": "es",
    "createdDateTime": "",
    "imsi": "214031500000000",
    "messageId": "eu-01-1.19910.nrl583d65f60cdc75.96102916",
    "msc": null,
    "networkCode": 12345,
    "number": "1234567890",
    "operator": "(SPAIN)ORANGE",
    "reasonCode": 0,
    "resultType": 0,
    "salesPrice": 0.00011,
    "salesPriceCurrencyCode": "eur",
    "status": "delivered",
    "statusCode": 1,
    "tag": null,
    "resultTimestamp": "",
    "validity": 60,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/numberlookup\/submit\/eu-01-1.19910.nrl583d65f60cdc75.96102916"
        }
    }
}

In case you have requested to receive the number lookup results via a webhook, the system will do a HTTP POST to your configured URL.

Number Lookup Reason codes

Reason code Description
1 Absent subscriber (phone is switched off, phone out of coverage, roaming, etc.).
9 Unknown subscriber (number not known in network).
13 Operator barred the number.
30 Operator cannot be determined based on the number therefore no number lookup can be performed.
53 Rejected as you are not allowed to perform number lookups for this operator/country.
61 An unknown error occurred.
75 Number lookup aborted due to network issues.

Address book fields

With the address book API you can manage the fields of the address book.

Properties

Fields are represented as follows:

{
    "displayName": "First name",
    "key": "firstName",
    "type": "string",
    "_links" : {
        "self" : {
           "href" : "https:///addressbook/v1/field/firstName"
        }
     },
}
Property Type Description
displayName String Not null. The name of the field as shown in the portal.
key String Not null. The unique identifier of the field. Allowed characters of the key are a-z, A-Z and _.
type String Not null. The field type. See below for the possible types.

type can be one of the following values:

Type Description
string A string with a maximum length of 32 characters.
int An integer value.
mobile A mobile number in international format, with leading + or 00. The minimum length is 8 digits and the maximum length is 16 digits.
push A Push ID. See also Push API specification.
email An email address.
date A date value in the format of YYYY-MM-DD.
dateTime A datetime is in ISO-8601 format.

Get fields

To get all fields:

curl https:///addressbook/v1/field \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "fields": [
        {
            "displayName": "First name",
            "key": "firstName",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/firstName"
                }
             }
        },
        {
            "displayName": "Last name",
            "key": "lastName",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/lastName"
                }
             }
        },
        {
            "displayName": "Address",
            "key": "address",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/address"
                }
             }
        },
        {
            "displayName": "City",
            "key": "city",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/city"
                }
             }
        },
        {
            "displayName": "Country",
            "key": "country",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/country"
                }
             }
        },
        {
            "displayName": "Zip code",
            "key": "zipCode",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/zipCode"
                }
             }
        },
        {
            "displayName": "Company",
            "key": "company",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/company"
                }
             }
        },
        {
            "displayName": "Birthday",
            "key": "birthday",
            "type": "date",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/birthday"
                }
             }
        },
        {
            "displayName": "Website",
            "key": "website",
            "type": "string",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/website"
                }
             }
        },
        {
            "displayName": "Mobile number",
            "key": "mobileNumber",
            "type": "mobile",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/mobileNumber"
                }
             }
        },
        {
            "displayName": "Email address",
            "key": "email",
            "type": "email",
            "_links" : {
                "self" : {
                   "href" : "https:///addressbook/v1/field/email"
                }
             }
        }
    ]
}

Get all configured fields for the address book.

HTTP Endpoint

GET /addressbook/v1/field

Arguments

None.

Get field

To get a field:

curl https:///addressbook/v1/field/<KEY> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response looks like this:

{
    "displayName": "First name",
    "key": "firstName",
    "type": "string",
    "_links" : {
        "self" : {
           "href" : "https:///addressbook/v1/field/firstName"
        }
     }
}

Get the address book field.

HTTP Endpoint

GET /addressbook/v1/field/:key

Arguments

Key Type Description
key string Required. The unique key of the field.

Add fields

To add fields:

curl -X POST https:///addressbook/v1/field \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "fields" : [
            {
                "key": "fieldOne",
                "type": "string",
                "displayName": "Field 1"
            }
        ]
    }'

HTTP Endpoint

POST /addressbook/v1/field

Arguments

Key Type Description
fields Array Required. An array with fields and per field the items key, type and displayName.

Update field

To update a field:

curl -X PUT https:///addressbook/v1/field/<KEY> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "key": "fieldOne",
        "type": "string",
        "displayName": "Field One"
    }'

The response looks like this:

{
    "displayName": "Field One",
    "key": "fieldOne",
    "type": "string",
    "_links" : {
        "self" : {
           "href" : "https:///addressbook/v1/field/firstName"
        }
     }
}

HTTP Endpoint

PUT /addressbook/v1/field/:key

Arguments

Key Type Description
key String Required. The key of the field to be updated.
properties Array Required. An array with the items key, type and displayName. Only the item fieldName can be updated.

Delete field

To delete a field:

curl -X DELETE https:///addressbook/v1/field/<KEY> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /addressbook/v1/field/:key

Arguments

Key Type Description
key String Required. The key of the field to be removed.

Delete all fields

To delete all fields:

curl -X DELETE https:///addressbook/v1/field \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /addressbook/v1/field

Address book contacts

Properties

Contacts are represented as follows:

{
    "attributes": {
        "birthday": null,
        "city": null,
        "company": null,
        "country": null,
        "customDate": null,
        "customDateTime": null,
        "customNumber": null,
        "customText": null,
        "firstName": "John",
        "lastName": "Doe",
        "remarks": null,
        "street": null,
        "tag": null,
        "website": null,
        "zip": null
    },
    "created": "",
    "id": "37d1c172-0b75-4786-972d-68070906f601",
    "_links" : {
        "self" : {
           "href" : "https:///addressbook/v1/contact/37d1c172-0b75-4786-972d-68070906f601"
        }
     }
}
Property Type Description
attributes Array Not null. The attributes of the contact. See below for the available attributes.
created String Not null. The datetime the contact was created. The datetime is in ISO-8601 format.
id String Not null. The unique identifier of the contact. The id is a UUID.

attributes is an array of field attributes configured for the address book. You can manage the fields of you address book via the API.

Get contacts

To get contacts:

#get all contacts
curl https:///addressbook/v1/contact \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

#get contacts based on filters
curl 'https:///addressbook/v1/contact?operator=or&filter[attributes.lastName][eq]=Doe' \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "contacts": [
        {
            "attributes": {
                "birthday": null,
                "city": null,
                "company": null,
                "country": null,
                "customDate": null,
                "customDateTime": null,
                "customNumber": null,
                "customText": null,
                "firstName": "John",
                "lastName": "Doe",
                "remarks": null,
                "street": null,
                "tag": null,
                "website": null,
                "zip": null
            },
            "created": "",
            "id": "3f9bc3a4-3b02-4563-8e52-0a673266afe9",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/contact/3f9bc3a4-3b02-4563-8e52-0a673266afe9"
                }
             }
        }
    ],
    "fields": [
        {
            "displayName": "First name",
            "key": "firstName",
            "type": "string",
            "_links" : {
              "self" : {
                  "href" : "https:///addressbook/v1/field/firstName"
              }
            }
        },
        {
            "displayName": "Last name",
            "key": "lastName",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/lastName"
                }
             }
        },
        {
            "displayName": "Address",
            "key": "address",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/address"
                }
             }
        },
        {
            "displayName": "City",
            "key": "city",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/city"
                }
             }
        },
        {
            "displayName": "Country",
            "key": "country",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/country"
                }
             }
        },
        {
            "displayName": "Zip code",
            "key": "zipCode",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/zipCode"
                }
             }
        },
        {
            "displayName": "Company",
            "key": "company",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/company"
                }
             }
        },
        {
            "displayName": "Birthday",
            "key": "birthday",
            "type": "date",
            "_links" : {
              "self" : {
                    "href" : "https:///addressbook/v1/field/birthday"
              }
            }
        },
        {
            "displayName": "Website",
            "key": "website",
            "type": "string",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/website"
                }
             }
        },
        {
            "displayName": "Mobile number",
            "key": "mobileNumber",
            "type": "mobile",
            "_links" : {
                "self" : {
                    "href" : "https:///addressbook/v1/field/mobileNumber"
                }
             }
        },
        {
            "displayName": "Email address",
            "key": "email",
            "type": "email",
            "_links" : {
               "self" : {
                  "href" : "https:///addressbook/v1/field/email"
               }
            }
        }
    ],
    "total": 1
}

Get all contacts or get contacts based on filters.

HTTP Endpoint

GET /addressbook/v1/contact?operator=:operator&filter=:filter

Arguments

Key Type Description
operator String Optional. The operator used between the filters. Possible values are and and or.
filter Array Optional. An array of filters. A filter has a key with an array of operators with values. For more information and examples of filters, please check Filter Contacts .

Get contact

To get a contact:

curl https:///addressbook/v1/contact/<ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "attributes": {
        "birthday": null,
        "city": null,
        "company": null,
        "country": null,
        "customDate": null,
        "customDateTime": null,
        "customNumber": null,
        "customText": null,
        "firstName": "John",
        "lastName": "Doe",
        "remarks": null,
        "street": null,
        "tag": null,
        "website": null,
        "zip": null
    },
    "created": "",
    "id": "37d1c172-0b75-4786-972d-68070906f601",
    "_links" : {
        "self" : {
           "href" : "https:///addressbook/v1/contact/37d1c172-0b75-4786-972d-68070906f601"
        }
     }
}

HTTP Endpoint

GET /addressbook/v1/contact/:id

Arguments

Key Type Description
id String Required. The unique identifier of the contact.

Update contact

To update a contact:

curl -X PUT https:///addressbook/v1/contact/<ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /addressbook/v1/contact/:id

Arguments

Key Type Description
id String Required. The unique identifier of the contact.

Delete contact

To delete a contact:

curl -X DELETE https:///addressbook/v1/contact/<ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

HTTP Endpoint

DELETE /addressbook/v1/contact/:id

Arguments

Key Type Description
id String Required. The unique identifier of the contact.

Delete contacts

To delete contacts:

#delete all contacts
curl -X DELETE https:///addressbook/v1/contact \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

#delete contacts based on filters
curl -X DELETE 'https:///addressbook/v1/contact?operator=or&filter[attributes.lastName][eq]=Doe' \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

Delete all contacts or delete contacts based on filters.

HTTP Endpoint

DELETE /addressbook/v1/contact?operator=:operator&filter=:filter

Arguments

Key Type Description
operator String Optional. The operator used between the filters. Possible values are and and or.
filter Array Optional. An array of filters. A filter has a key with an array of operators with values. For more information and examples of filters, please check Filter Contacts.

Filters contacts

When you have many contacts in your address book and you want to to clean up or export your contacts, you can on filter them.

When you filter on contacts, you have to set one or more filters and an operator between the filters.

Filter format:

{
   "fieldKey" : {
        "operator" : "value"
   },
}
Item Description
fieldKey the key of the address book field you want to filter on.
operator how you want to match the value. See below for the possible operator values.
value the actual value you want to filter on.

For a `fieldKey` you can set multiple `operator` and `value` combinations. You can do this by comma separate them.

Operator Description Field Type Remark
eq Equal All The value of the field must exactly match the specified value.
ne Not Equal All The value of the field must not match the specified value.
in Contains String The value of the field must contain the specified value.
nin Does not contain String The value of the field must not contain the specified value
gte Greater than or equal Date, datetime, numeric The value of the field must be greater than or equal to the specified value.
lte less then or equal Date, datetime, numeric The value of the field must be less than or equal to the specified value.
between Between 2 values Date, datetime, numeric The value of the field must be between the specified values. Two values will need to be specified.
null Field is null All The value of the field empty. No value has to be specified.
notnull Field is not null All The value of the field must not be empty. No value has to be specified.
sw Starts with String The value of the field must not starts with the specified value.
ew Ends with String The value of the field must not ends with the specified value.

Example Filter John Doe

The operator you specify is either `and` or `or`. When you set `and` as the operator it means that all contacts will be returned which match all filters. When you set `or` as operator, all contacts which match at least one operator are returned.

Example "Filter John Doe"


//get contacts based on filters
curl 'https:///addressbook/v1/contact?operator=or&filter[attributes.lastName][eq]=Doe&filter[attributes.firstName][eq]=John' \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

Note: when filtering for contacts and more than 100 contacts are found, only 100 contacts will be returned. If you want to get all found contacts, you can download contacts (link to api doc) as a CSV file or in JSON.

Wildcards

For date and datetime fields, you can use wildcards. You can replace each digits in the date or datetime value with a `*`. It will then not check for a specific digit at the place, but any digit would do. For example, when you would like to filter for contacts which have their birthday on March 14 (Pi Day 😀), you can replace the year in the value with `*`.

Examples

//Example 1 : This will filter for contacts with first name `john` or `jane`.
$operator = 'or'; 
$filters = array( 
    'firstName' => array( 
        'eq'=> array('john','jane') 
    )
);

//Example 2
//This will filter for contacts where the first name contains `john`
//and the mobile number starts with `65` or `62`.
$operator = 'or'; 
$filters = array( 
    'firstName' => array( 
        'in'=> 'john', 
    ),
    'mobile' => array( 
        'sw'=> array('65','62'), 
    )
);

//Example 3
//This will filter for contacts where
//the first name is not `john` or `jane`
//and the last name is not `doe`.
$operator = 'and'; 
$filters = array( 
    'firstName' => array( 
        'ne'=> array('john','jane') 
    ),
    'lastName' => array( 
        'ne'=> 'doe', 
    )
);

//Example 4
//This will filter for contacts where
//the customerInt field has a value >= 1 and <= 100.
$operator = 'and'; 
$filters = array( 
    'customInt' => array( 
        'between'=> '1,100', 
    )
);

//Example 5
//This will filter for contacts where
//the firstName is not empty.
$operator = 'and'; 
$filters = array( 
    'firstName' => array( 
        'nn'=> null, 
    )
);

//Example 6
//This will filter for contacts
//on birthday with a wild card.
$operator = 'and'; 
$filters = array( 
    'birthday' => array( 
        'eq'=> '****-03-14', 
    )
);

E-mail

Properties

E-mail messages are represented as follows:

{
   "subject" : "Hello world",
   "supplierMessageId" : "<20190226131239.1.EDE18535B9C95827@m.silverstreet.com>",
   "cc" : [],
   "callbackUrl" : null,
   "to" : [
      "john@doe.com"
   ],
   "_links" : {
      "self" : {
         "href" : "https:///email/v1/email/80fef11f386a75f8f3b29433aaf54a4e00020002"
      }
   },
   "html" : "<p>Hello world</p>",
   "text" : "Hello world",
   "id" : "80fef11f386a75f8f3b29433aaf54a4e00020002",
   "status" : "delivered",
   "bcc" : [],
   "events" : [
      {
         "deliveryStatusCode" : 250,
         "event" : "delivered",
         "severity" : null,
         "received" : "2019-02-26T13:12:40+00:00",
         "url" : null,
         "deliveryStatusMessage" : "OK"
      },
      {
         "severity" : null,
         "event" : "opened",
         "deliveryStatusCode" : null,
         "url" : null,
         "deliveryStatusMessage" : null,
         "received" : "2019-02-26T13:18:58+00:00"
      }
   ],
   "supplierType" : "mailgun",
   "from" : "\"John Doe\" <john.doe@silverstreet.com>",
   "received" : "2019-02-26T13:12:38+00:00"
}
Property Type Description
subject String Not null. The subject of the e-mail
supplierMessageId String Can be null. The id returned by the supplier on submitting the e-mail to the supplier.
cc Array Not null. An array of email addresses added as cc (copy) of the e-mail.
callbackUrl String Can be null. The callback URL set by your system upon submitting the e-mail. The callback URL will be used to send events for the e-mail. When no callback URL is set, no events will be submitted.
to Array Not null. An array of email addresses added as to of the e-mail.
html String Not null. The HTML body of the e-mail.
text String Not null. The plain-text body of the e-mail. By most e-mail clients this is shown when the user has disabled HTML content or the client doesn't support HTML.
id String Not null. Unique identifier of the e-mail returned by the API when submitting the e-mail.
status String Not null. The status of the e-mail. See below for possible values.
bcc Array Not null. An array of email addresses added as bcc (blind-copy) of the e-mail.
events Array Not null. An array with events returned by the supplier. The information in an event depends on the used supplier.
supplierType String Not null. The supplier used for sending e-mail.
from String Not null. The email address, and optionally the name of the author(s). Possible format: "John Doe" <john.doe@silverstreet.com>.
received String Not null. The datetime the e-mail was received by the API. The datetime is in ISO-8601 format.
variables Array Can be null. An array with per to e-mail address an array with variables which will be replaced in the subject, HTML and text fields with the corresponding values. See Create e-mail message for more information.

Possible status values of an e-mail are:

Status Description
new The e-mail message is accepted by the API..
sent The e-mail message is sent successfully.
delivered The e-mail message is delivered successfully.
undelivered The e-mail message could not be delivered.
error The e-mail message is rejected by the supplier.

Get e-mail messages

To get e-mail messages:

curl https:///email/v1/email \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
   "email" : [
       {
          "subject" : "Hello world",
          "supplierMessageId" : "<20190226131239.1.EDE18535B9C95827@m.silverstreet.com>",
          "cc" : [],
          "callbackUrl" : "https:///v0/callback/email-api/email/15d62888-79cd-41f2-9706-e47b1f7096a9?token=031f4b95ec77cf73e6773a180ac012ca596354e3e505dc7556fb8bc8c99a2abb",
          "to" : [
             "john@doe.com"
          ],
          "_links" : {
             "self" : {
                "href" : "https:///email/v1/email/80fef11f386a75f8f3b29433aaf54a4e00020002"
             }
          },
          "html" : "<p>Hello world</p>",
          "text" : "Hello world",
          "id" : "80fef11f386a75f8f3b29433aaf54a4e00020002",
          "status" : "delivered",
          "bcc" : [],
          "events" : [
             {
                "deliveryStatusCode" : 250,
                "event" : "delivered",
                "severity" : null,
                "received" : "2019-02-26T13:12:40+00:00",
                "url" : null,
                "deliveryStatusMessage" : "OK"
             },
             {
                "severity" : null,
                "event" : "opened",
                "deliveryStatusCode" : null,
                "url" : null,
                "deliveryStatusMessage" : null,
                "received" : "2019-02-26T13:18:58+00:00"
             }
          ],
          "supplierType" : "mailgun",
          "from" : "\"John Doe\" <john.doe@silverstreet.com>",
          "received" : "2019-02-26T13:12:38+00:00"
       }
   ],
    "limit" : 10,
    "_links" : {
       "last" : {
          "href" : "https:///email/v1/email?page=1&limit=10"
       },
       "self" : {
          "href" : "https:///email/v1/email?page=1&limit=10"
       },
       "first" : {
          "href" : "https:///email/v1/email?page=1&limit=10"
       }
    },
    "page" : 1,
    "total" : 1
}

HTTP Endpoint

GET /email/v1/email?page=:page&limit=:limit

Arguments

Key Type Description
page Integer Optional. The page number you want to retrieve. The number of pages depends on the total e-mail messages and the limit value. Default value of page is 1.
limit Integer Optional. The number of e-mail messages per page. The default value is 10.

Get e-mail message

To get a e-mail message:

curl https:///email/v1/email/<ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
   "subject" : "Hello world",
   "supplierMessageId" : "<20190226131239.1.EDE18535B9C95827@m.silverstreet.com>",
   "cc" : [],
   "callbackUrl" : "https:///v0/callback/email-api/email/15d62888-79cd-41f2-9706-e47b1f7096a9?token=031f4b95ec77cf73e6773a180ac012ca596354e3e505dc7556fb8bc8c99a2abb",
   "to" : [
      "john@doe.com"
   ],
   "_links" : {
      "self" : {
         "href" : "https:///email/v1/email/80fef11f386a75f8f3b29433aaf54a4e00020002"
      }
   },
   "html" : "<p>Hello world</p>",
   "text" : "Hello world",
   "id" : "80fef11f386a75f8f3b29433aaf54a4e00020002",
   "status" : "delivered",
   "bcc" : [],
   "events" : [
      {
         "deliveryStatusCode" : 250,
         "event" : "delivered",
         "severity" : null,
         "received" : "2019-02-26T13:12:40+00:00",
         "url" : null,
         "deliveryStatusMessage" : "OK"
      },
      {
         "severity" : null,
         "event" : "opened",
         "deliveryStatusCode" : null,
         "url" : null,
         "deliveryStatusMessage" : null,
         "received" : "2019-02-26T13:18:58+00:00"
      }
   ],
   "supplierType" : "mailgun",
   "from" : "\"John Doe\" <john.doe@silverstreet.com>",
   "received" : "2019-02-26T13:12:38+00:00"
}

HTTP Endpoint

GET /email/v1/email/:id

Arguments

Key Type Description
id String Required. The unique id of the e-mail message and returned when submitting the e-mail message.

Create e-mail message

To create a e-mail message:

curl -X POST https:///email/v1/email \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "to" : ["john@doe.com"],
        "subject" : "Hello world",
        "html" : "<p>Hello world</p>",
        "text" : "Hello world",
        "from" : "\"John Doe\" <john.doe@silverstreet.com>"
    }'

#Example with variables:
    -d '{
        "to" : ["john@doe.com"],
        "subject" : "Hello %var1%",
        "html" : "<p>Hello world</p>",
        "text" : "Hello world",
        "from" : "\"John Doe\" <john.doe@silverstreet.com>",
        "variables" : {
            "john@doe.com" : {
                "var1" : "world"
            }
        }
    }'

The response will look like this:

{
   "count" : 1,
   "batchId" : "aec97e2f469623db98ba67f381e451050001"
}

Variables

When submitting e-mail messages you can use variables to customize your e-mails. Per to e-mail address you can set the variables. Variables in the subject, HTML and text fields will be replaced with the corresponding value. Variables need to be placed between %, for example %var1%. You can also set a default value in case the variable is not set or is empty. You can do that like this: %var1|Default%. See also tutorial How to use personalise your campaigns for more information.

Response

Property Type Description
count Integer Not null. The number of e-mail created on submit.
batchId Integer Not null. A unique identifier of the e-mail batch created. The id's of the e-mails created for the batch will be the batch ID plus the counter. So if the batch id is aec97e2f469623db98ba67f381e451050001 and you want to retrieve the first e-mail of the batch, you have a append 0001 to the batch id. So the id of the e-mail will be aec97e2f469623db98ba67f381e4510500010001.

HTTP Endpoint

POST /email/v1/email

Arguments

Property Type Description
subject String Required. The subject of the e-mail
cc Array Optional An array of email addresses added as cc (copy) of the e-mail.
callbackUrl String Optional. The callback URL set by your system upon submitting the e-mail. The callback URL will be used to send events for the e-mail. When no callback URL is set, no events will be submitted.
to Array Required. An array of email addresses added as to of the e-mail.
html String Required. The HTML body of the e-mail.
text String Required. The plain-text body of the e-mail. By most e-mail clients this is shown when the user has disabled HTML content or the client doesn't support HTML.
bcc Array Optional. An array of email addresses added as bcc (blind-copy) of the e-mail.
from String Required. The email address, and optionally the name of the author(s). Possible format: "John Doe" <john.doe@silverstreet.com>.
variables Array Optional. An array with per to e-mail address an array with variables which will be replaced in the subject, HTML and text fields with the corresponding values. See Create e-mail message for more information.

Push

Properties

Push messages are represented as follows:

{
    "callbackId": "488fe3e4-00bc-4227-a384-f0e0be689e8c",
    "data": "{\"to\":\"f4XzKr1VSmI:APA28baA6_1ClL53qNcEfAxR2Ci8Va8vISSoTVDArMduD1VBkO8iXSU4Gygux-lqxUQgi49bMY8mkyrSgcNMx6vURf1Rnd7moHGWScOzNoF9bvkgSnM4pAd2SZHxHGnZ1a4mQQ5iRdil\",\"priority\":\"high\",\"time_to_live\":60,\"data\":{\"type\":\"verify\",\"token\":\"883103\",\"datetime\":\"\"}}",
    "id": "f39a87015dc1d76204798f211f701f0b",
    "received": "",
    "status": "sent",
    "supplierMessageId": "0:1541429027866250%7170e3c6f9fd7ecd",
    "_links": {
        "self": {
            "href": "https:\/\/\/push\/v1\/push\/f39a87015dc1d76204798f211f701f0b"
        }
    }
}
Property Type Description
callbackId String Not null. For future use.
data String Not null. The JSON data sent as push message.
id String Not null. The unique identifier of the push message.
received String Not null. The datetime the push message was sent. The datetime is in ISO-8601 format.
status String Not null. The status of the push message. See below table for possible status values.
supplierMessageId String Not null. The id returned by the supplier when sending the message.
Status Description
new The push message is accepted by the API..
sent The push message is sent successfully.
error The push message is rejected by the supplier.

Get push messages

To get push messages:

curl https:///push/v1/push \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "limit": 1,
    "page": 1,
    "push": [
        {
            "callbackId": "488fe3e4-00bc-4227-a384-f0e0be689e8c",
            "data": "{\"to\":\"f4XzKr1VSmI:APA28baA6_1ClL53qNcEfAxR2Ci8Va8vISSoTVDArMduD1VBkO8iXSU4Gygux-lqxUQgi49bMY8mkyrSgcNMx6vURf1Rnd7moHGWScOzNoF9bvkgSnM4pAd2SZHxHGnZ1a4mQQ5iRdil\",\"priority\":\"high\",\"time_to_live\":60,\"data\":{\"type\":\"verify\",\"token\":\"883103\",\"datetime\":\"\"}}",
            "id": "f39a87015dc1d76204798f211f701f0b",
            "received": "",
            "status": "sent",
            "supplierMessageId": "0:1541429027866250%7170e3c6f9fd7ecd",
            "_links": {
                "self": {
                    "href": "https:\/\/\/push\/v1\/push\/f39a87015dc1d76204798f211f701f0b"
                }
            }
        }
    ],
    "total": 1,
    "_links": {
        "first": {
            "href": "https:\/\/\/push\/v1\/push?page=1&limit=10"
        },
        "last": {
            "href": "https:\/\/\/push\/v1\/push?page=1&limit=10"
        },
        "self": {
            "href": "https:\/\/\/push\/v1\/push?page=1&limit=10"
        }
    }
}

HTTP Endpoint

GET /push/v1/push?page=:page&limit=:limit

Arguments

Key Type Description
page Integer Optional. The page number you want to retrieve. The number of pages depends on the total push messages and the limit value. Default value of page is 1.
limit Integer Optional. The number of push messages per page. The default value is 10.

Get push message

To get a push message:

curl https:///push/v1/push/<ID> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"

The response will look like this:

{
    "callbackId": "488fe3e4-00bc-4227-a384-f0e0be689e8c",
    "data": "{\"to\":\"f4XzKr1VSmI:APA28baA6_1ClL53qNcEfAxR2Ci8Va8vISSoTVDArMduD1VBkO8iXSU4Gygux-lqxUQgi49bMY8mkyrSgcNMx6vURf1Rnd7moHGWScOzNoF9bvkgSnM4pAd2SZHxHGnZ1a4mQQ5iRdil\",\"priority\":\"high\",\"time_to_live\":60,\"data\":{\"type\":\"verify\",\"token\":\"883103\",\"datetime\":\"\"}}",
    "id": "f39a87015dc1d76204798f211f701f0b",
    "received": "",
    "status": "sent",
    "supplierMessageId": "0:1541429027866250%7170e3c6f9fd7ecd",
    "_links": {
        "self": {
            "href": "https:\/\/\/push\/v1\/push\/f39a87015dc1d76204798f211f701f0b"
        }
    }
}

HTTP Endpoint

GET /push/v1/push/:id

Arguments

Key Type Description
id String Required. The unique id of the push message and returned when submitting the push message.

Create push message

To create a push message:

curl -X POST https:///push/v1/push \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "push":[
            {
            "data":"\"to\":\"<PUSH_ID>\",\"priority\":\"high\",\"time_to_live\":60,\"data\":{\"field1\":\"value1\",\"field2\":\"value2\"}}"
            }
        ]
    }'

The response will look like this:

{
    "callbackId": "488fe3e4-00bc-4227-a384-f0e0be689e8c",
    "data": "{\"to\":\"f4XzKr1VSmI:APA28baA6_1ClL53qNcEfAxR2Ci8Va8vISSoTVDArMduD1VBkO8iXSU4Gygux-lqxUQgi49bMY8mkyrSgcNMx6vURf1Rnd7moHGWScOzNoF9bvkgSnM4pAd2SZHxHGnZ1a4mQQ5iRdil\",\"priority\":\"high\",\"time_to_live\":60,\"data\":{\"field1\":\"value1\",\"field2\":\"value2\"}}",
    "id": "f39a87015dc1d76204798f211f701f0b",
    "received": "",
    "status": "sent",
    "supplierMessageId": "0:1541429027866250%7170e3c6f9fd7ecd",
    "_links": {
        "self": {
            "href": "https:\/\/\/push\/v1\/push\/f39a87015dc1d76204798f211f701f0b"
        }
    }
}

HTTP Endpoint

POST /push/v1/push

Arguments

Key Type Description
callbackId Integer Optional. For future use. When not set, the system will generate one.
push Array Required. An array with push messages you want to send. Per push message you can to set the data field, see below.
data String Required. The JSON data to be send as push message. See our tutorial (link) for more information what data to send.

Testing

Introduction

We offer an easy way to test your integration of our API into your system. Free of charge.

To use our sandbox environment you have to use a test application. Go to the applications list in our portal and get the API key of a test application. If you do not have a test application yet, you can easily create one. Click on 'Add application', enter a name you want to call the application, select the 'Test application' checkbox and press the Create button. When the application is created, open it and there you see the API key of the test application and you can start sending test messages.

How it works:
Each Silverstrete API call you do with the test API key is validated as normal, so when you send incorrect parameters the call will be rejected (see Errors for more details on the possible errors). When the call is valid, the Silverstreet API checks the last 5 digits of the phone number you set. Based on those last digits the testing environment will influence the behaviour of the message. How it behaves depends on the type of message you want to send and the last 5 digits you set.

Notes:

If you are missing an option to cover a test case, please contact us and we will add that option.

Verification

With the testing environment you can fully test your verification flow. By filling in the phone number you can control the test verification. In the table below you can find an overview of the possible last 5 digits of the phone number. Anything not described in the table will have undefined behaviour but can be used in the future to cover other test scenarios.

Key Type Description
00XXX 0 no status
01XXX 1 success
02XXX 2 rejected Last 3 digits number (Reason codes)
03XXX 3 expired
04XXX 4 failed

In all these cases the verification is accepted by the API, so you will get a HTTP status code in the range of 2xx. After the call is accepted the verification will have the status as defined in the table.

When you request a test verification, a token will be generated as well. The generated token will have a defined value based on the token type (default value: numeric) and length (default value: 6) you set as you can see in this table:

Token length Numeric Alphanumeric
4 0123 A123
5 01234 A1234
6 012345 A12345
7 0123456 A123456
8 01234567 A1234567
9 012345678 A12345678
10 0123456789 A123456789

Example 1 - Test normal verification flow

To test the normal verification flow, submit a verification with a recipient number ending with '00xxx'. If you do not specify the tokenType and tokenLength, the token of this verification will be '012345'. So if you want to test the response when the token is valid enter the token 012345 or if you want to test the response for an invalid token enter any token other then '012345'. If you want to test the response for an expired token wait till the validity is expired, by default 60 seconds, and then verify the token or use a phone number ending with '03xxx'.

Example 2 - Test verify a successful token again

In this case the verification your submitted verification will directly go the status 'success'. So when you perform a verifyToken on it, you will a HTTP status '423 - Locked' with errorCode 101.

Example 3 - Test verify an expired verification

In this example we submit a verification where the verification will directly be set to expired. When you verify the token you will get the response that it is expired. Submit a verification with a recipient number ending with '03xxx'. When you verify the token you will get the HTTP status code '423 - Locked' with errorCode 102.

Verification widget

With the testing environment you can fully test your verification widget flow. By filling in the phone number you can control the test verification for sms and call. When you set a recipient ending with '00000', you can use the token '012345' as a valid token. When you set another recipient, the token will be a random number (and therefor hard to enter the correct token ;-)).

For testing backup codes in the widget, you first need to create backup codes using a test API key, see Testing backup codes for more details.

To submit the verification:

curl -X POST https:///v1/verification/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipient" : "6112340x000", 
    }'
curl -X POST https:///v1/verification/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
        "recipient" : "6112340x000", 
    }'

To verify the verification with the correct token:

curl -X POST https:///v1/verification/submit/<MESSAGE_ID>?token=012345 \
    -u "silverstreet:<API_KEY>" \
curl -X POST https:///v1/verification/submit/<MESSAGE_ID>?token=012345 \
    -u "silverstreet:<API_KEY>" \

Example 1 result in:

{
    "errorCode": 101,
    "type": "http:\/\/www.w3.org\/Protocols\/rfc2616\/rfc2616-sec10.html",
    "title": "Locked",
    "status": 423,
    "detail": "You are only allowed to check a certain token once."
}

Example 2 result in:

{
    "errorCode": 102,
    "type": "http:\/\/www.w3.org\/Protocols\/rfc2616\/rfc2616-sec10.html",
    "title": "Locked",
    "status": 423,
    "detail": "Verification expired, validity expired on: "
}

Example 3 result in:

{
    "errorCode": 102,
    "type": "http:\/\/www.w3.org\/Protocols\/rfc2616\/rfc2616-sec10.html",
    "title": "Locked",
    "status": 423,
    "detail": "Verification expired, validity expired on: "
}

Backup codes

With the testing environment you can easily test your backup code flow. When you create backup codes for the identifier you have set, a predefined set of backup codes will be returned. These backup codes can be used to test, however in test modes they are only available for 7 days. After that the backup codes are removed.

The predefined test backup codes are:

{
    "00000000",
    "11111111",
    "22222222",
    "33333333",
    "44444444",
    "55555555",
    "66666666",
    "77777777",
    "88888888",
    "99999999"
}

SMS

With the testing environment you can fully test your SMS flow. By filling in the phone number you can control the test SMS, including delivery reports. In the table below you can find an overview of the possible last 5 digits of the phone number. Anything not described in the table will have undefined behaviour but can be used in the future to cover other test scenarios.

Last 5 digits number Status code Status text Reason code
00XXX 0 no status
01XXX 1 delivered
02XXX 2 rejected Last 3 digits number (Reason codes)
03XXX 3 expired Last 3 digits number (Reason codes)
04XXX 4 enroute
05XXX 5 buffered
06XXX 6 accepted
07XXX 7 undelivered Last 3 digits number (Reason codes)
08XXX 8 deleted Last 3 digits number (Reason codes)
09XXX 9 unknown Last 3 digits number (Reason codes)

In all these cases the SMS is accepted by the API, so you will get a HTTP status code in the range of 2xx. After the call is accepted the SMS will have the status as defined in the table.

Example - Test SMS when out of credit

In this example we submit an SMS where it will be rejected due to insufficient credit (reason code 201). Submit an SMS with a recipient number ending with '03201'.

To submit the SMS:

curl -X POST https:///v1/sms/submitsimple \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
    "recipient": ["61123403201" ],
    "body": "This is a rejected message",
    "sender": "SMS"
    }'
curl -X POST https:///v1/sms/submitsimple \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
    "recipient": ["61123403201" ],
    "body": "This is a rejected message",
    "sender": "SMS"
    }'

To retrieve the message status after the submit:

curl https:///v1/sms/submitsimple/<MESSAGE_ID> \ 
    -u "silverstreet:<API_KEY>" \ 
curl https:///v1/sms/submitsimple/<MESSAGE_ID> \ 
    -u "silverstreet:<API_KEY>" \ 

Will result in:

{
    "applicationTag": "Test",
    "body": "This is a rejected message",
    "callbackUrl": null,
    "createdDateTime": ,
    "dcs": 102,
    "messageId": "asia-01-1.6323.sms58b81d6f43fd08.15384596",
    "networkCode": 12345,
    "pid": null,
    "reasonCode": 201,
    "recipient": "61123403201",
    "resultTimestamp": "",
    "resultType": 0,
    "salesPrice": 0,
    "salesPriceCurrencyCode": "usd",
    "scheduledDelivery": null,
    "sender": "Test",
    "senderNpi": 0,
    "senderTon": 5,
    "status": "expired",
    "statusCode": 3,
    "tag": null,
    "udh": null,
    "validity": 259200,
    "validUntilDateTime": "",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submitsimple\/asia-01-1.6323.sms58b81d6f43fd08.15384596"
        }
    }
}

Number Lookup

With the testing environment you can fully test your Number Lookup flow. By filling in the phone number you can control the test Number Lookup, including delivery reports. In the table below you can find an overview of the possible last 5 digits of the phone number. Anything not described in the table will have undefined behaviour but can be used in the future to cover other test scenarios.

Last 5 digits number Status code Status text Reason code
00XXX 0 no status
01XXX 1 delivered
02XXX 2 rejected Last 3 digits number (Reason codes)
03XXX 3 expired Last 3 digits number (Reason codes)
04XXX 4 enroute
05XXX 5 buffered
06XXX 6 accepted
07XXX 7 undelivered Last 3 digits number (Reason codes)
08XXX 8 deleted Last 3 digits number (Reason codes)
09XXX 9 unknown Last 3 digits number (Reason codes)

In all these cases the Number Lookup is accepted by the API, so you will get a HTTP status code in the range of 2xx. After the call is accepted the Number Lookup will have the status as defined in the table.

Example - Test Number Lookup with valid result

In this example we will submit a Number Lookup which will be performed successful and data is returned. Submit an SMS with a recipient number ending with '01xxx'.

To submit the Number Lookup:

curl -X POST https:///v1/numberlookup/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
    "recipient": ["61123401000" ] 
    }'
curl -X POST https:///v1/numberlookup/submit \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
    "recipient": ["61123401000" ] 
    }'

To submit the Number Lookup:

curl https:///v1/numberlookup/submit/<MESSAGE_ID> \ 
    -u "silverstreet:<API_KEY>" \ 
curl https:///v1/numberlookup/submit/<MESSAGE_ID> \ 
    -u "silverstreet:<API_KEY>" \ 

Will result in:

{
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/sms\/submitsimple\/asia-01-1.6323.sms58b81d6f43fd08.15384596"
        }
    },
    "_embedded": {
        "items": [
             { 
                "applicationTag": "Test",
                "callbackUrl": null,
                "countryCode": null,
                "createdDateTime": "",
                "imsi": null,
                "isPorted": "Unknown",
                "isRoaming": "Unknown",
                "messageId": "asia-01-1.6325.nrl58b81f79d3c749.10703469",
                "msc": null,
                "networkCode": null,
                "number": "61123401000",
                "operator": null,
                "reasonCode": null,
                "resultTimestamp": null,
                "resultType": 0,
                "salesPrice": null,
                "salesPriceCurrencyCode": null,
                "status": "no status",
                "statusCode": "0",
                "tag": null,
                "validity": 259200,
                "validUntilDateTime": "",
                "_links": {
                    "self": {
                        "href": "https:\/\/\/v1\/sms\/submitsimple\/asia-01-1.6323.sms58b81d6f43fd08.15384596"
                    }
                }, 
            }
        ]
    },
    "total_items": 1,
}

Widget Guide

Introduction

In this guide we will explain the steps on how to use the Twizo widgets. The Twizo widgets are the easiest way to add 2FA to your website and works on desktops, tablets and mobile devices. If you need help after reading this guide, contact us at support@silverstreet.com.

We have 2 widgets to make the integration of our service in your website easier:

Try out the Twizo verification widget now by clicking the below button. We will simulate sending a token to you. The valid token you can enter is '012345'.

The verification widget supports all verification types to send the token to you and an option to resend if you did not receive it. Also you can show the user to which number the verification will be sent and you can personalise the widget by setting your own logo.

Twizo 2FA Widget

HTTPS requirements

The Twizo widgets are running via secure HTTPS connections. If you want to set your own logo URL, you have to make sure you set a HTTPS connections. If not, the logo will not be shown. We recommend to run your website over HTTPS as well to protect yourself from certain forms of man-in-the-middle attacks.

Verification widget

Integrating the Twizo verification widget is done in 3 simple steps:

  1. Create a verification session.
  2. Open the verification widget.
  3. Verify if the verification session was successful.

Let's explain the steps in more detail.

Step 1: Create a verification session

You start by creating a verification session. When doing that you can set certain parameters like which verification types you want to support, the phone number of the user, token length and type, etc. When the session is created you get a sessionToken. The sessionToken is needed to open the widget.

To create session token:

curl -X POST https:///v1/widget/session \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
    "allowedTypes": ["sms","call" ]
    "recipient": "601234500000" 
    }'
<?php
    $widgetSession = $client->createWidgetSession( array("sms","call"));
    $widgetSession = $client->setRecipient("601234500000");
    $widgetSession = $client->create();
?>

Check our API documentation to see all options you can set when creating a verification session.

Will result in:

{
    "sessionToken": "eu-01_1161130_wid59003566562fe8.59122114e17b",
    "applicationTag": "Default application",
    "bodyTemplate": "Your verification token is %token%",
    "createdDateTime": "2017-04-26T05:51:34+00:00",
    "dcs": null,
    "issuer": null,
    "language": null,
    "recipient": "601234500000",
    "sender": "Twizo",
    "senderNpi": null,
    "senderTon": null,
    "tag": null,
    "tokenLength": 6,
    "tokenType": "numeric",
    "requestedTypes": { 
        "sms", 
        "call"
    ],
    "allowedTypes": { 
        "1": "sms", 
        "2": "call",
    ],
    "validity": null,
    "status": "no status",
    "statusCode": 0,
    "backupCodeIdentifier": null,
    "status": [],
    "verificationIds": [],
    "verification": null,
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget\/verification\/session\/eu-01_1161130_wid59003566562fe8.59122114e17b"
        }
    }
}

You will need to use the sessionToken you can find in the response and pass it to the widget, see step 2.

Step 2: Open the widget

Now let's open the widget. You need to include widget.js into your html page and open the widget to show it to the user. Apart from the session token you can do some additional settings like the logo you want to show and the recipient number where the token is sent to.

If malicious people were able to capture the sessionToken, the privacy of the user is still protected. Only if they have the sessionToken and the API key, they are able to collect e.g. the phone number of the user. So always make sure you keep your API key in a safe place.

The URL of the widget.js is: https://cdn.twizo.com/widget.js

Javascript code to open the widget:

Javacript integration:

<script>
    const handler = TwizoWidget.configure();
        sessionToken: sessionToken
    });

    handler.open(function (sessionToken, isError, errorCode, returnData) {
        if (isError) { 
            //verification failed, user should not be logged in
            alert('error: ' + errorCode);
        } else {
            //verification success, user can continue to login 
            alert('success for sessionToken: ' + sessionToken);
        }
    });
</script>

The options you can set for the widget are:

Parameter Description
sessionToken This is a mandatory parameter. The sessionToken of the verification session you created.
logoUrl This is an optional parameter. If you want to personalise the widget, you can set a URL to your logo here. We will reduce the size of the logo to 200 pixels wide and 90 pixels high.

Please note, as the widget is using HTTPS, the link to the logo must be HTTPS as well. See HTTPS for more information.
recipient This is an optional parameter. If you set it, the widget will show it to the user to indicate where the token will be sent to. For privacy reasons we recommend not to specify the full number but e.g. only the last 4 digits. So instead of showing '61123456789' show '***6789'.
askTrusted This is an optional parameter. Possible values are true or false. When it is set to true, the widget will show a checkbox, by default selected, with the text 'Trust this device for x days'. The x will be replaced with the number you fill in for 'trustedDays'. When the widget is closed, the return data contains a property isTrusted indicating if the checkbox was selected or not.
trustedDays This is a mandatory parameter when askTrusted is set to true. You can specify the number to be shown in the sentence 'Trust this device for x days'.

For security reasons we have set a maximum number of retries for the verification and a maximum time of the session. This to prevent users will perform unlimited unsuccessful verifications. The maximum retries is 5 and the maximum session time is 10 minutes.

When the user completed the verification flow, either by entering the correct token, cancelling, reaching maximum number of retries or reaching the maximum session time, the widget will be closed and you will get the sessionToken, isError (true or false), an errorCode (when isError == true) and returnData returned. The returnData will contain the isTrusted property when askTrusted is set to true.

The errorCodes property can be one of the following error codes:

errorCode Description
When isError is true and the errorCode is empty ('') the user aborted the widget.
101 Verification already verified.
104 Verification failed, please contact your administrator
200 Verification already used
201 Verification timeout
202 Max attempts reached
301 Invalid request
310 Verification failed, unable to start new verification
311 Verification failed, unable to start new verification as the session is already verified or failed
312 Verification failed, unable to start new verification as the session has been expired
313 Verification failed, unable to start new verification as the max attempts has been reached

Step 3: Verify if the verification session was successful

When the widget returned the isError == false the user entered the correct token. However to make sure the verification was indeed successful, you can get the status of the verification session. It is not mandatory to get the status of the session after the widget is closed, but we highly recommend this. Even though we have implemented the widget is a secure way, there are always ways for malicious people to, for example, influence the DOM.

To create session token:

curl -X POST https:///v1/widget/session<SESSION_TOKEN>?recipient=<RECIPIENT> \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>"
<?php
    $widgetSession = $client->getWidgetSession($widgetSession->getSessionToken(), $widgetSession->getRecipient()));
?>

Note: to get the status of a session, you need to specify the sessionToken and the recipient number. You need to specify both as the API will check the combination so that malicious people cannot return a successful sessionToken of a different user.

Will result in:

{
    "sessionToken": "eu-01_1161130_wid59003566562fe8.59122114e17b",
    "applicationTag": "Default application",
    "bodyTemplate": "Your verification token is %token%",
    "createdDateTime": "2017-04-26T05:51:34+00:00",
    "dcs": null,
    "issuer": null,
    "language": null,
    "recipient": "601234500000",
    "sender": "Twizo",
    "senderNpi": null,
    "senderTon": null,
    "tag": null,
    "tokenLength": 6,
    "tokenType": "numeric",
    "requestedTypes": { 
        "sms", 
        "call"
    ],
    "allowedTypes": [ 
        "1": "sms", 
        "2": "call"
    ],
    "validity": null,
    "status": "success",
    "statusCode": 0,
    "backupCodeIdentifier": null,
    "status": [], 
    "verificationIds": [ 
        "eu-01-1.17172.ver583d6255ae66f2.27354409", 
        "eu-01-1.18352.ver529c5e45ae72a2.83645283",
    ],
    "verification": {
        "applicationTag": "Default application", 
        "bodyTemplate": null,
        "createdDateTime": "2017-04-26T05:51:34+00:00",
        "dcs": null,
        "issuer": null,
        "language": null,
        "messageId": "eu-01-1.18352.ver529c5e45ae72a2.83645283",
        "reasonCode": null,
        "recipient": "601234500000",
        "salesPrice": 0.07,
        "salesPriceCurrencyCode": "eur",
        "sender": null,
        "senderNpi": null,
        "senderTon": null,
        "sessionId": "eu-01_1161130_wid59003566562fe8.59122114e17b",
        "status": "success",
        "statusCode": 1,
        "tag": null,
        "tokenLength": null,
        "tokenType": null,
        "type": "sms",
        "validity": null,
        "validUntilDateTime": null,
        "webHook": null,
        "_links": {
            "self": {
                "href": "https:\/\/\/v1\/verification\/submit\/eu-01-1.18352.ver529c5e45ae72a2.83645283"
            }
        }
    },
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget\/verification\/session\/eu-01_1161130_wid59003566562fe8.59122114e17b"
        }
    }
}

The status field will show the status, in this case 'success'. When it is success you can continue to login the user, otherwise you can logout the user so he needs to login and do the verification again. For more information on the possible status codes, please check the API documentation.

That's it! These are all the steps you need to do to integrate our verification service into your application to enable 2FA.

Registration widget

Integrating the Twizo registration widget is done in 2 simple steps:

  1. Create a registration session.
  2. Open the registration widget.

Let's explain the steps in more detail.

Step 1: Create a registration session

You start by creating a registration session. When doing that you can set certain parameters like which verification types you want to support, the phone number of the user, etc. When the session is created you get a sessionToken. The sessionToken is needed to open the registration widget.

To create session token:

curl -X POST https:///v1/widget-register-verification/session \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf8" \
    -u "silverstreet:<API_KEY>" \
    -d '{
    "recipient": "601234500000", 
    "backupCodeIdentifier": "me@silverstreet.com", 
    "totpIdentifier": "me@silverstreet.com", 
    "issuer": "Twizo", 
    }'
<?php
    $widgetSession = $client->createWidgetRegisterSession( array("sms","call"));
    $widgetSession = $client->setRecipient("601234500000");
    $widgetSession = $client->create();
?>

Check our API documentation to see all options you can set when creating a registration session.

Will result in:

{
    "sessionToken": "eu-01_1161130_wid5aab9dec9bca47.995159356758",
    "applicationTag": "Default application",
    "requestedTypes": [ 
        "sms", 
        "call", 
        "totp", 
        "push", 
        "backupcode", 
        "biovoice", 
        "telegram", 
        "line" 
    ],
    "registeredTypes": [ 
        "sms", 
        "call", 
        "telegram" 
    ],
    "allowedTypes": [ 
        "sms", 
        "call",
        "totp",
        "push",
        "backupcode",
        "biovoice",
        "telegram",
        "line"
    ],
    "recipient": "601234500000",
    "totpIdentifier": "me@silverstreet.com",
    "backupCodeIdentifier": "me@silverstreet.com",
    "issuer": "Twizo",
    "language": "en",
    "status": "no status",
    "statusCode": 0,
    "createdDateTime": "2018-03-16T10:35:24+00:00",
    "_links": {
        "self": {
            "href": "https:\/\/\/v1\/widget-register-verification\/session\/eu-01_1161130_wid5aab9dec9bca47.995159356758"
        }
    }
}

You will need to use the sessionToken you can find in the response and pass it to the registration widget, see step 2.

Step 2: Open the registration widget

Now let's open the registration widget. You need to include widget.js into your html page and open the widget to show it to the user. Apart from the session token you can do some additional settings like the logo you want to show and the recipient number where the token is sent to.

If malicious people were able to capture the sessionToken, the privacy of the user is still protected. Only if they have the sessionToken and the API key, they are able to collect e.g. the phone number of the user. So always make sure you keep your API key in a safe place.

The URL of the widget.js is: https://cdn.twizo.com/widget.js

Javacript integration:

<script>
    const handler = TwizoRegisterWidget.configure();
        sessionToken: sessionToken
    }); 

    handler.open(function (sessionToken, isError, errorCode, registeredTypes) {
        if (isError) {
            return console.log('Got an error:  ' + errorCode);
        }
        //Success...
    });
</script>

The options you can set for the registration widget are:

Parameter Description
sessionToken This is a mandatory parameter. The sessionToken of the registration session you created.
logoUrl This is an optional parameter. If you want to personalise the widget, you can set a URL to your logo here. We will reduce the size of the logo to 200 pixels wide and 90 pixels high.

Please note, as the widget is using HTTPS, the link to the logo must be HTTPS as well. See HTTPS for more information.
recipient This is an optional parameter. If you set it, the widget will show it to the user to indicate where the token will be sent to. For privacy reasons we recommend not to specify the full number but e.g. only the last 4 digits. So instead of showing '61123456789' show '***6789'.

For security reasons we have set a maximum time of the session. The maximum session time is 15 minutes.

When the widget is closed you will get the sessionToken, isError (true or false), an errorCode (when isError == true) and registeredTypes returned. The registeredTypes will contain an array with the verification types the user has now registered for.

The errorCodes property can be one of the following error codes:

errorCode Description
When isError is true and the errorCode is empty ('') the user aborted the widget.
101 The sessionToken was already used before and cannot be used again to open the registration widget.
102 The session time expired. The maximum session time is 15 minutes.
105 The user is trying to register for a verification type which is not allowed. This can happen when the registration widget is open and you disable a verification type for your users.
201 The account used for the registration session was disabled after the registration widget was opened.
202 The verification service for the account used for the registration session was disabled after the registration widget was opened.
301 The bio voice registration failed. There can be numerous reasons why it failed, e.g. the country of the user is not supported for bio voice. Please contact support for more information.

That's it! These are all the steps you need to do to integrate our verification service into your application to enable 2FA.

Browser support

All recent versions of the major browsers on both desktops and mobiles are supported. If you have an issue with the Twizo widgets on a specific browser, please contact us so we can improve its support.