Verify (OTP/2FA)
WAYSCloud Verify sends one-time passwords (OTP) via SMS, voice or email for 2-factor authentication. Simple API to send and verify codes.
What it is
Verify in WAYSCloud provides one-time password (OTP) verification across three channels: SMS, voice (text-to-speech call), and email. Built for login flows, transaction confirmations, and any scenario requiring identity verification.
Codes are hashed with SHA-256 (never stored in plaintext), with configurable TTL and max attempts per session.
When to use
Use this when you need:
- Two-factor authentication (2FA) for login flows
- Transaction or action confirmation
- Phone number or email verification during signup
- Multi-channel delivery with automatic fallback options
When NOT to use:
- Bulk messaging — use SMS
- Push notifications — Verify is code-based, not push-based
How it works
Verification in two steps:
- Start — send an OTP to the recipient via SMS, voice, or email
- Check — verify the code the user submits
Each session has a configurable TTL (60-900 seconds) and max 5 attempts. Codes are single-use.
Features
WAYSCloud Verify is built for security, reliability, and multi-channel reach.
Channels
- SMS — to any mobile number (E.164 format)
- Voice — text-to-speech call with spoken code
- Email — to any email address
Security
- SHA-256 hashed codes (never stored in plaintext)
- Max 5 attempts per session
- Configurable TTL (60-900 seconds)
- Tenant isolation
Integration
- Simple two-endpoint API (start + check)
- Configurable sender (alphanumeric for SMS, verified domain for email)
- Multi-language support via locale parameter
Getting started
All Verify (OTP/2FA) functionality is available via the WAYSCloud API.
See all 4 endpoints in the Verify API reference.
Limits and quotas
Limits and quotas depend on the selected plan and region. See the dashboard or API for current constraints.