This page is out-of-date. Go to SMS for 2FA in the new 2FA & RBA guide. Please update your bookmarks!
NOTE! You can start using SMS immediately, however there will be transactional cost incurred when SMS messages are sent in Production. If you plan to use this service, please reach out to your Akamai Identity Cloud representative for details.
When 2FA is enabled, the default behavior is to send the second-factor authentication code to the user’s email address.
Alternatively, the code can be sent to the user’s mobile device via SMS message. This option is automatically enabled for any end user with the expected mobile number value in their profile (as defined below).
Specifically, the following is required in order for SMS 2FA to work:
The schema must contain these two top-level attributes:
The value stored in the
mobileNumber attribute in the user record must be a valid phone number including country code, with no spaces, dashes, dots or parentheses.
Examples of acceptable and unacceptable US phone number format as stored in the user record:
When a user adds their mobile number to their profile, the Hosted Login screen handles validation to ensure the phone number will work properly with 2FA. The user-friendly input field provides a country code drop-down and auto-formatting, and writes the required format to the user record.
Hosted Login’s SMS for 2FA works internationally!
You can check your schema in the Identity Cloud Console to see if you have the root-level
mobileNumberVerified attributes, which are required for 2FA via SMS to be enabled.
See Add SMS Attributes in the Hosted Login v2 Upgrade Guide for steps to check for these attributes and add them if they are missing.