Overview

A new security feature available in Hosted Login v2 is the ability to send SMS messages, specifically to verify the user’s mobile number or to enforce two-factor authentication (2FA) via text message.

In order to use this feature, your schema must contain these two root-level attributes:

  • mobileNumber
  • mobileNumberVerified

Next, we’ll check for these attributes and add them if needed.

I don’t want to use SMS and don’t plan to use it in the future. If this is the case, you do not need to add these attributes. Skip to Update Your Flow.

I want to use SMS but I’m currently using a different schema attribute for mobile number. In order to use SMS in Hosted Login, you must use these attributes. So if you’re already storing mobile numbers in a different attribute, you have two choices:

  • Migrate existing numbers to the new mobileNumber attribute, or
  • Let users add their number again via the v2 Account Security screen after you upgrade

If you migrate existing mobile numbers, note that SMS functionality depends on a specific format: The value must be a valid phone number including country code, with no spaces, dashes, dots or parentheses. Valid examples: 13216540987 or +13216540987. As such, you may need to reformat existing numbers before you migrate them.