Test Auth0 Custom Phone Provider and OTP Delivery Without an Active SMS Provider
Testing a Custom Phone Provider and One-Time Password (OTP) delivery in environments without an active Short Message Service (SMS) provider requires capturing the OTP code manually. Resolve this by adding the undici dependency to the Phone Provider action and implementing a script to capture the code via a webhook endpoint or Action Logs.
- Auth0
- Custom Phone Provider
- One-Time Password (OTP) testing
- Action Logs
- Passwordless Connection
What are the steps to test the Custom Phone Provider without an active SMS provider?
To test the Custom Phone Provider and OTP delivery, add the undici dependency to the action and configure a script to capture the code using either a webhook endpoint or Action Logs.
-
Add the undici dependency to the Phone Provider action.
-
Implement one of the following methods to capture the OTP code.
What are the steps to capture the OTP code using a webhook endpoint?
Forward the code to a webhook URL by entering the provided script into the Custom Phone Provider configuration.
-
Enter the following script into the Custom Phone Provider configuration to forward the code to a webhook URL:
const { fetch } = require('undici');
exports.onExecuteCustomPhoneProvider = async (event, api) => {
if (event.notification.message_type.startsWith('otp')) {
const body = {
from: event.notification.from,
action: event.notification.message_type === 'otp_verify' ? 'second-factor-authenticator' : 'enrollment',
language: event.notification.locale,
recipient: event.notification.recipient,
message_type: event.notification.delivery_method,
text: event.notification.as_text,
code: event.notification.code,
};
try {
const response = await fetch("<webhook_url>", {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(body),
});
if (!response.ok) {
console.error(`Webhook rejected the request: ${response.status} ${response.statusText}`);
} else {
console.log("Successfully forwarded OTP to webhook!");
}
} catch (error) {
console.error("Network error while attempting to reach webhook:", error);
}
}
return;
};What are the steps to capture the OTP code using Action Logs?
Log the code to the console by entering the provided script into the Custom Phone Provider configuration and viewing the output in the Action Logs.
-
Enter the following script into the Custom Phone Provider configuration to log the code to the console:
const { fetch } = require('undici');
exports.onExecuteCustomPhoneProvider = async (event, api) => {
if (event.notification.message_type.startsWith('otp')) {
const body = {
from: event.notification.from,
action: event.notification.message_type === 'otp_verify' ? 'second-factor-authenticator' : 'enrollment',
language: event.notification.locale,
recipient: event.notification.recipient,
message_type: event.notification.delivery_method,
text: event.notification.as_text,
code: event.notification.code,
};
console.log("text: ", event.notification.as_text, " code: ", event.notification.code)
}
};- Go to Monitoring, and then choose Action Logs to view the output.
NOTE: The action code was taken from the Configure a Custom Phone Provider documentation and modified for testing.
Related References
