SMS Verification in Android using SMS User Consent API
Nowadays, SMS verification is that the best manner that’s getting used by mobile applications for login purposes. All you would like to try and do is simply enter your mobile number, get a One-Time arcanum and eventually enter that OTP in your application and verify. However, the matter that arises here is that to own the OTP for your application, you need to look at all of your messages, and additionally at a similar time you need to input the OTP on your own. No doubt, there are sure libraries on Github that may do the automated code completion for you but here we tend to are having the SMS User Consent API, which may create our task terribly easy. In this article, we’ll learn our SMS User Consent API and see however this may be simply used for SMS verification. So, let’s get started.
What is SMS Client Consent API?
SMS Client Consent API is utilized to recover the SMS by appearing a incite to the client to allow get to to the substance of a single SMS message. When the consent is allowed by the client at that point the application will examine the whole message and consequently fill the OTP or SMS confirmation code within the wanted put. Taking after is the stream of SMS Client Assent API. Here, on the off chance that the client presses the Permit button, at that point, the SMS confirmation code will be naturally filled up.
The Flow of the SMS User Consent API
The SMS User Consent API’s operation can be broken down into three steps:
- Step 1: Begin: To use the SMS User Consent API, you must first begin. However, there is one stipulation: the API must be started before delivering the message or OTP to the server.
- Step 2: Prompt: When you start the API, Google Play Services will read the message and prompt your users to authorize permission to receive the message containing the OTP or verification code. The user has the option to accept or reject the request to read the message.
- Step 3: Finally, if your application has the authorization to view messages, it will automatically enter the One Time Code for you via the API.
Criteria for Messages
Before using the SMS User Consent API, you must meet the following requirements:
- Contains One Time Code: Your message must include some sort of One Time Code.
- The One Time Code should be 4–10 digits long, with at least one digit being a number.
- Contacts: You should not get the mail containing the One Time Code from any of your contacts.
- Timing: For a maximum of 5 minutes, the API will seek the One Time Code.
In Android, using the SMS User Consent API
We’ll use the SMS User Consent API by following the three steps listed above, but first, we’ll install the library in our app. Add the following lines to the app-level build.gradle file:
implementation "com.google.android.gms:play-services-auth:LATESST_VER" implementation "com.google.android.gms:play-services-auth-api-phone:LATEST_VER"
The next step is to listen to the communications that have arrived. You can start listening for inbound messages by using the smartSmsUserConsent() method. You can pass the number of the sender who is sending the SMS verification in the method if you know it, or you can pass NULL if you don’t.
So, we’ve completed the first stage, namely, we’ve launched the SMS User Consent API, and our next task is to deliver the SMS verification code. You can utilize your verification code sender to send the One Time Code to the user’s phone number from here. So, if your SMS meets all four of the API’s Message criteria, the prompt will be displayed to the user. As a result, you’ll require a broadcast receiver that responds to SMS RECEIVED ACTION intents to handle these broadcasts.
You can also include the option of manually entering the SMS verification code for a better user experience because if the code is received on another device, the user can manually enter the code in your app.
We learned how to use the SMS User Consent API in our Android application in this article. So, in general, there are three steps: Start, Prompt, and Read Message. Before sending the code, we first start the API, then show the user a prompt to grant permission for code reading from the message, and finally, if permission is granted, the API extracts the code from your message, which you can use.