2Factor provides a robust and scalable HTTP API platform for sending SMS OTPs, transactional messages, and promotional bulk SMS efficiently.
\nIn addition to SMS services, we also provide advanced WhatsApp solutions: WhatsApp Chatbot Provider, WhatsApp Business API Guide 2025, and WhatsApp API Service Provider in India.
\n2Factor employs API key-based authentication to ensure secure access. Each client is assigned a unique APIKey that identifies their account.
Additional Security Features:
\nThe 2Factor Cloud API is designed for enterprise-grade performance and reliability, trusted by leading organizations.
\nThroughput: Supports up to 200 requests per second under default configurations.
\nResponse Times: Average response times range from 100 ms to 500 ms.
\nFor clients with high scalability needs, we offer a High Availability (HA) Cluster infrastructure:
\nThroughput: Supports up to 2000 transactions per second (TPS).
\nResponse Times: Average response times range from 50ms to 150 ms.
\nTo scale up or discuss your specific requirements, contact support@2factor.in.
\nAt 2Factor, safeguarding customer data is a top priority. The following measures ensure that all data is securely processed, stored, and accessed in compliance with industry standards:
\nCloudflare Serverless Environment: All 2Factor API endpoints are hosted on Cloudflare's serverless environment for scalability.
\nEnd-to-End Encryption: Cloudflare employs SSL/TLS encryption to ensure secure transmission of data between the client, Cloudflare, and 2Factor's backend systems.
\nWeb Application Firewall (WAF): Cloudflare’s WAF protects publicly accessible API endpoints from vulnerabilities and unauthorized access attempts.
\nRule Set: Protects against thousands of commonly known web exploits and intrusion attempts.
\nIP-Based Restrictions: Backend systems enforce strict IP-based access controls to block unintended audiences.
\nEach Linux virtual machine (VM) hosting code and data stores is secured with:
\nA local firewall.
\nBrute-force monitoring software to detect and prevent unauthorized login attempts.
\nBanking Clients: Data is retained for 7 years, as required by industry regulations.
\nOther Clients: Data is typically retained for 1 year, after which it is archived in flat files.
\nAfter the retention period, data is dumped into SQL flat files and stored in S3/S3-compatible cold storage.
\nWhile no formal archival/disposal agreements exist, the above process ensures long-term data security and compliance.
\nTo access SMS logs, users must complete 2-factor authentication:
\nStep 1: Log in with a username and password.
\nStep 2: Verify the login attempt using an SMS OTP sent to the registered phone number.
\nAccount Owners: Full access to SMS logs.
\n2Factor Technical Support Team: Limited access on a need-to-know basis to resolve support tickets.
\nThird Parties: No access is provided to external entities or unauthorized users.
\nFor more information about 2Factor’s security measures, data retention policies, or access controls, reach out to our support team at support@2factor.in.
\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[{"content":"Authentication","slug":"authentication"},{"content":"API Throughput and Scalability","slug":"api-throughput-and-scalability"},{"content":"Data Privacy & Security Measures","slug":"data-privacy-security-measures"}],"owner":"301893","collectionId":"daa8a183-4c45-4af3-98ee-a0db99cd4a48","publishedId":"TWDamFGh","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"EF5B25"},"publishDate":"2021-02-24T16:02:12.000Z"},"item":[{"name":"Getting Started","item":[{"name":"1: Create a 2Factor Account","item":[],"id":"9c41c219-48c5-4432-b3d2-15f333fd322f","description":"To get started with 2Factor, follow these steps:
\nEmail ID: Your valid email address.
\nPhone Number: A phone number to register your account.
\nVisit the 2Factor signup page.
\nEnter your Email ID and Phone Number to register.
\nUpon successful registration:
\nYou will receive 250 free credits to test and integrate our services.
\nAccount details will be sent to your registered email address.
\nBefore you can send SMS messages, ensure the following prerequisites are ready:
\nSender ID/Header:
\nA unique, 6-character identifier representing your company or brand name.
\nExample: MYBRND.
SMS Template:
\nThe predefined text message you intend to send.
\nTemplates must comply with DLT guidelines.
\nLog in to the 2Factor Dashboard.
\nNavigate to:
\nSubmit your Sender ID and SMS Template for approval.
\nApproval Time: Templates are usually approved within 30 minutes to 1 hour during working hours.
\nOnce approved:
\nYou will receive an email notification.
\nThe approved Sender ID and Template, along with the relevant API endpoint, will be shared.
\nOnce your Sender ID and Template are approved:
\nYou can start testing the 2Factor API immediately.
\nAPI documentation and credentials will be provided in your email.
\nTo successfully deliver SMS messages, you must complete the DLT Registration process. This process ensures compliance with regulatory requirements. For more details on DLT registration, refer to Step 2 of the documentation.
\nIf you have any questions or need assistance, contact us at support@2factor.in.
\n","_postman_id":"9c41c219-48c5-4432-b3d2-15f333fd322f"},{"name":"2: Complete DLT Registration","item":[],"id":"e15c57d0-7d23-4484-bcd1-4175e233b857","description":"Overview of DLT Registration
\nThe Telecom Regulatory Authority of India (TRAI) mandates that all entities engaging in commercial communications register on the Distributed Ledger Technology (DLT) platform. This initiative aims to curb Unsolicited Commercial Communication (UCC) and enhance mobile subscriber privacy in India. Detailed information about these regulations is available in the Telecom Commercial Communications Customer Preference Regulation, 2018 (TCCCPR 2018)
\nPurpose of These Changes
\nThe primary objective is to reduce the incidence of fraud and spam via SMS and voice calls. By conducting Know Your Customer (KYC) processes with telecom operators, end-to-end traceability is ensured in cases of fraudulent activities. Additionally, pre-defining SMS content helps control spam and prevent deceptive messages.
\nEnterprises vs. Telemarketers
\nThe DLT platform categorizes registrants as either Enterprises or Telemarketers:
\nEnterprises: Commercial businesses (individuals or companies) offering products or services and seeking to communicate with customers via SMS or voice services.
\nTelemarketers: Entities that facilitate communication on behalf of enterprises. They are further classified into:
\nTelemarketer Aggregators: Individuals or companies that collect SMS/voice traffic from enterprises without a direct connection to telecom operators.
\nTelemarketer Delivery: Individuals or companies that collect SMS/voice traffic from enterprises and have a direct connection with telecom operators.
\nNote: You or your clients must register on the DLT platform as an Enterprise. Solv Technologies (2Factor) will act as the Telemarketer on your behalf. Our Telemarketer Registration Number is (1002884117264848 - SOLV TECHNOLOGIES)
\nHow to Register on the DLT Platform
\nIf you intend to send SMS messages to users in India, DLT registration is mandatory. Registration with at least one telecom operator is required.
\nWe recommend starting with Vodafone's DLT platform, as their support is prompt and approval times are minimal. Alternatively, you may choose other telecom operators' DLT portals.
\nFor further assistance, feel free to contact us at support@2factor.in.
\n","_postman_id":"e15c57d0-7d23-4484-bcd1-4175e233b857"},{"name":"3: Link Your DLT Account with 2Factor","item":[],"id":"8b58d562-2399-469f-b894-f8b5181ed52e","description":"After your SMS templates have been approved on the DLT Portal, the next step is to map them to your 2Factor account. This ensures seamless integration between your DLT-registered templates and 2Factor's Cloud SMS API.
\nLog in to the 2Factor DLT Portal ( https://dlt-registration.2factor.in )
\nUpdate Your DLT Details:
\nEnter the DLT Principal Entity ID (PE ID) associated with your approved templates.
\nEnsure that all required fields, such as your DLT registration number and sender ID, are correctly updated.
\nMapping Process:
\nOnce your details are submitted, 2Factor will map your templates to its system.
\nThis process typically takes a few hours to complete.
\nAccount Activation:
\nAfter the mapping is finalized, your Cloud SMS API account will be activated.
\nYou will receive an email notification confirming the completion of the setup.
\nSend a Test Message:
\nEnsure the DLT templates and sender IDs you submit match those approved by your telecom operator.
\nMapping delays are minimal but may vary depending on template and sender ID validation.
\nFor assistance with DLT account mapping or any other inquiries, contact us at support@2factor.in.
\n","_postman_id":"8b58d562-2399-469f-b894-f8b5181ed52e"}],"id":"bc198c63-7c63-45a4-9070-c6992e6421aa","_postman_id":"bc198c63-7c63-45a4-9070-c6992e6421aa","description":""},{"name":"Send SMS OTP","item":[{"name":"Send OTP - AUTOGEN","item":[{"name":"Send OTP ( AUTOGEN )","id":"e169bd6f-1356-4bff-998b-19f83f9825f4","protocolProfileBehavior":{"disableBodyPruning":true,"disabledSystemHeaders":{"connection":true,"accept-encoding":true,"accept":true,"user-agent":true},"strictSSL":false,"followRedirects":false,"disableUrlEncoding":true},"request":{"method":"GET","header":[],"url":"https://2factor.in/API/V1/:api_key/SMS/:phone_number/AUTOGEN/:otp_template_name","description":"Use this endpoint to send a system-generated 6-digit OTP directly to the end user. The OTP is automatically generated by 2Factor.in, ensuring randomness and security.
\n","urlObject":{"protocol":"https","path":["API","V1",":api_key","SMS",":phone_number","AUTOGEN",":otp_template_name"],"host":["2factor","in"],"query":[],"variable":[{"description":{"content":"APIKey value obtained from 2Factor.in
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"api_key"},{"description":{"content":"Phone number formated in the international number format ( +
\n","type":"text/plain"},"type":"any","value":"+919999999999","key":"phone_number"},{"description":{"content":"(*optional) Name of the OTP template to be sent. In absense of any value, a default OTP template would be picked up.
\n","type":"text/plain"},"type":"any","value":"OTP1","key":"otp_template_name"}]}},"response":[{"id":"241ccba1-d799-4774-9bac-e78621cd6d1d","name":"OTP Sent Successfully","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/:phone_number/AUTOGEN/:otp_template_name","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS",":phone_number","AUTOGEN",":otp_template_name"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"+919999999999","description":"Phone number formated in the international number format ( +Use this endpoint to send a system-generated 6-digit OTP to the end user. The generated OTP value is included in the API response, allowing your application to directly use it for validation purposes.
\njsonCopy code{\n \"Status\": \"Success\",\n \"Details\": \"l60gaseavbemjvlgw7o-7303503698702e11\",\n \"OTP\": \"565059\"\n}\n\nStatus: Indicates the success of the API request.
\nDetails: A unique identifier for the OTP request.
\nOTP: The 6-digit OTP generated by the system.
\nTo verify the OTP entered by the user, you have two options:
\nUse the VERIFY endpoint for server-side validation.
\nMatch the OTP entered by the user with the OTP value provided in the API response.
APIKey value obtained from 2Factor.in
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"api_key"},{"id":"82a1df2e-6dd2-4477-be1b-eafbfed31f53","description":{"content":"Phone number formated in the international number format ( +
\n","type":"text/plain"},"type":"any","value":"+919999999999","key":"phone_number"},{"id":"6c9f6b92-baee-41a7-ac29-be1af73d11d9","description":{"content":"(*optional) Name of the OTP template to be sent. In absense of any value, a default OTP template would be picked up.
\n","type":"text/plain"},"type":"any","value":"OTP1","key":"otp_template_name"}]}},"response":[{"id":"1d70197f-1957-4893-b0ef-c6f62693c027","name":"OTP Sent Successfully","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/:phone_number/AUTOGEN2/:otp_template_name","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS",":phone_number","AUTOGEN2",":otp_template_name"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"+919999999999","description":"Phone number formated in the international number format ( +Use this endpoint to send a system-generated 4-digit OTP to the end user. The OTP is automatically generated and securely transmitted.
\nTo validate the OTP entered by the user, use the VERIFY endpoint provided below. This ensures the entered OTP matches the system-generated value.
\n","urlObject":{"protocol":"https","path":["API","V1",":api_key","SMS",":phone_number","AUTOGEN3",":otp_template_name"],"host":["2factor","in"],"query":[],"variable":[{"id":"60a38960-bc22-4b7e-94cc-5a02d29d2930","description":{"content":"APIKey value obtained from 2Factor.in
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"api_key"},{"id":"aca989c9-da87-4b97-8f91-4ac5f8fdd8ad","description":{"content":"Phone number formated in the international number format ( +
\n","type":"text/plain"},"type":"any","value":"+919999999999","key":"phone_number"},{"id":"34bdc5fa-38eb-43d0-8db5-68ff91e0c178","description":{"content":"(*optional) Name of the OTP template to be sent. In absense of any value, a default OTP template would be picked up.
\n","type":"text/plain"},"type":"any","value":"OTP1","key":"otp_template_name"}]}},"response":[{"id":"021a37e9-f1b8-4770-adab-080ebcb7c669","name":"OTP Sent Successfully","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/:phone_number/AUTOGEN/:otp_template_name","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS",":phone_number","AUTOGEN",":otp_template_name"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"+919999999999","description":"Phone number formated in the international number format ( +The following endpoints are designed for scenarios where 2Factor.in automatically generates a random OTP and sends it to the end user.
\nUse the specified API endpoint to send a randomly generated OTP to the end user. This eliminates the need for manual OTP generation on the client side.
\nTo verify the OTP value entered by the end user, utilize the VERIFY OTP API endpoints. These endpoints ensure the accuracy and validity of the entered OTP against the generated value.
\nThese endpoints streamline the OTP management process, providing secure and efficient functionality for user authentication workflows.
\n","_postman_id":"e2f9aba1-369d-4b94-b28c-9bcc61d360c5"},{"name":"Send OTP - Custom OTP","item":[{"name":"Send OTP ( Manual Generation )","id":"9cd1d2b1-deb6-4eb1-99bc-c1d77a48ec7e","protocolProfileBehavior":{"disableBodyPruning":true,"disabledSystemHeaders":{"connection":true,"accept-encoding":true,"accept":true,"user-agent":true},"strictSSL":false,"followRedirects":false,"disableUrlEncoding":true},"request":{"method":"GET","header":[],"url":"https://2factor.in/API/V1/:api_key/SMS/:phone_number/:otp_value/:otp_template_name","description":"Use this endpoint to send a custom 4-6 digit OTP value to the end user. This allows flexibility to define OTP values based on specific application requirements.
\n","urlObject":{"protocol":"https","path":["API","V1",":api_key","SMS",":phone_number",":otp_value",":otp_template_name"],"host":["2factor","in"],"query":[],"variable":[{"description":{"content":"APIKey value obtained from 2Factor.in
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"api_key"},{"description":{"content":"Phone number formated in the international number format ( +
\n","type":"text/plain"},"type":"any","value":"+919999999999","key":"phone_number"},{"description":{"content":"4-6 character OTP value to be sent to the user
\n","type":"text/plain"},"type":"any","value":"12345","key":"otp_value"},{"description":{"content":"(*optional) Name of the OTP template to be sent. In absense of any value, a default OTP template would be picked up.
\n","type":"text/plain"},"type":"any","value":"OTP1","key":"otp_template_name"}]}},"response":[{"id":"4bf61e10-de20-477d-82a3-9f4267e9b53a","name":"OTP Sent Successfully","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/:phone_number/:otp_value/:otp_template_name","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS",":phone_number",":otp_value",":otp_template_name"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"+919999999999","description":"Phone number formated in the international number format ( +The below endpoints are useful when you want to pass the custom generated OTP value to the end user.
\n","_postman_id":"cabb570d-3d1d-43ac-8302-9f849773ad41"},{"name":"Verify OTP Input","item":[{"name":"Verify OTP ( Using OTP Session Id + OTP Value)","id":"2abe0791-c6ff-4310-a9c7-db061b1a4202","protocolProfileBehavior":{"disableBodyPruning":true,"disabledSystemHeaders":{"connection":true,"accept-encoding":true,"accept":true,"user-agent":true},"strictSSL":false,"followRedirects":false,"disableUrlEncoding":true},"request":{"method":"GET","header":[],"url":"https://2factor.in/API/V1/:api_key/SMS/VERIFY/:otp_session_id/:otp_entered_by_user","description":"Use this endpoint to verify the OTP value entered by user.
\n","urlObject":{"protocol":"https","path":["API","V1",":api_key","SMS","VERIFY",":otp_session_id",":otp_entered_by_user"],"host":["2factor","in"],"query":[],"variable":[{"description":{"content":"APIKey value obtained from 2Factor.in
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"api_key"},{"description":{"content":"OTP session id printed in the send OTP request
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"otp_session_id"},{"description":{"content":"OTP value entered by the end user
\n","type":"text/plain"},"type":"any","value":"123455","key":"otp_entered_by_user"}]}},"response":[{"id":"95770fad-82f4-4f16-97d5-caab49a55bbc","name":"OTP Matched","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY/:otp_session_id/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY",":otp_session_id",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"otp_session_id","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"OTP session id printed in the send OTP request"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"OTP Matched\"}"},{"id":"723cb283-118f-4c26-bc37-b3c053641de4","name":"OTP Mismatched","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY/:otp_session_id/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY",":otp_session_id",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"otp_session_id","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"OTP session id printed in the send OTP request"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"OTP Mismatch\"}"},{"id":"d202b7a8-24e8-4e98-99fb-e69550448b5e","name":"OTP Expired","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY/:otp_session_id/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY",":otp_session_id",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"otp_session_id","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"OTP session id printed in the send OTP request"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"OTP Expired\"}"},{"id":"39392938-09a3-453b-8827-3ac6a4a9fe01","name":"Incorrect OTP Session Id Passed","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY/:otp_session_id/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY",":otp_session_id",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"otp_session_id","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"OTP session id printed in the send OTP request"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\r\n \"Status\": \"Error\",\r\n \"Details\": \"Invalid API / SessionId Combination - No Entry Exists\"\r\n}"}],"_postman_id":"2abe0791-c6ff-4310-a9c7-db061b1a4202"},{"name":"Verify OTP ( Using PhoneNumber + OTP Value)","id":"80e57b40-920d-4e11-92c0-e9e8430a7e94","protocolProfileBehavior":{"disableBodyPruning":true,"disabledSystemHeaders":{"connection":true,"accept-encoding":true,"accept":true,"user-agent":true},"strictSSL":false,"followRedirects":false,"disableUrlEncoding":true},"request":{"method":"GET","header":[],"url":"https://2factor.in/API/V1/:api_key/SMS/VERIFY3/:phone_number/:otp_entered_by_user","description":"Use this endpoint to verify the OTP value entered by user.
\n","urlObject":{"protocol":"https","path":["API","V1",":api_key","SMS","VERIFY3",":phone_number",":otp_entered_by_user"],"host":["2factor","in"],"query":[],"variable":[{"description":{"content":"APIKey value obtained from 2Factor.in
\n","type":"text/plain"},"type":"any","value":"XXXX-XXXX-XXXX-XXXX-XXXX","key":"api_key"},{"description":{"content":"Customer's phone number
\n","type":"text/plain"},"type":"any","value":"91XXXXXXXXXX","key":"phone_number"},{"description":{"content":"OTP value entered by the end user
\n","type":"text/plain"},"type":"any","value":"123455","key":"otp_entered_by_user"}]}},"response":[{"id":"5e755c53-dbaa-476d-a3be-5a674f6587c8","name":"OTP Matched","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY3/:phone_number/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY3",":phone_number",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"91XXXXXXXXXX","description":"Customer's phone number"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"OTP Matched\"}"},{"id":"c06be9fc-1cbb-4f28-9600-856b320cc816","name":"OTP Mismatched","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY3/:phone_number/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY3",":phone_number",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"91XXXXXXXXXX","description":"Customer's phone number"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"OTP Mismatch\"}"},{"id":"99f6bab2-8d02-41f4-86d1-00f505c5e914","name":"OTP Expired","originalRequest":{"method":"GET","header":[],"url":{"raw":"https://2factor.in/API/V1/:api_key/SMS/VERIFY3/:phone_number/:otp_entered_by_user","protocol":"https","host":["2factor","in"],"path":["API","V1",":api_key","SMS","VERIFY3",":phone_number",":otp_entered_by_user"],"variable":[{"key":"api_key","value":"XXXX-XXXX-XXXX-XXXX-XXXX","description":"APIKey value obtained from 2Factor.in"},{"key":"phone_number","value":"91XXXXXXXXXX","description":"Customer's phone number"},{"key":"otp_entered_by_user","value":"12345","description":"OTP value entered by the end user"}]}},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"OTP Expired\"}"}],"_postman_id":"80e57b40-920d-4e11-92c0-e9e8430a7e94"}],"id":"9a942ca2-6ba4-4c82-aa6e-44b584ae45fb","description":"2Factor provides two methods to verify the OTP entered by the user, offering flexibility based on your application requirements:
\nUsing Unique SMS Request ID + OTP Value
\nVerify the OTP by combining the unique request ID (provided in the API response when the OTP was sent) with the OTP value entered by the user.
\nThis method ensures precise mapping of the OTP to the specific request.
\nUsing User's Phone Number + OTP Value
\nValidate the OTP directly against the user's phone number and the OTP value entered by the user.
\nThis method is simpler and does not require storing the unique request ID.
\nThese verification options ensure secure and efficient validation workflows tailored to different use cases.
\n","_postman_id":"9a942ca2-6ba4-4c82-aa6e-44b584ae45fb"},{"name":"Sandbox / Testing","item":[],"id":"6cef8eec-75fc-4629-80f1-e0f83fa992a1","description":"The 2Factor.in Sandbox Environment allows developers to integrate and test SMS OTP APIs without sending actual SMS messages or incurring charges. This testing environment provides realistic API responses that mimic production behavior, enabling seamless development and testing workflows.
\nTo enable sandbox/testing endpoints for your account:
\nSend an email to: support@2factor.in
Include the following information:
\nYour account API key
\nSpecific sample phone number(s) for testing (e.g., +919920123456)
Request to enable sandbox mode for testing purposes
\nWait for confirmation: Our support team will confirm when sandbox mode is activated for your account and specified phone numbers.
\nOnce enabled, all API endpoints will return dummy responses instead of sending actual SMS messages. The sandbox maintains the same URL structure as production endpoints.
\nhttps://2factor.in/API/V1/{your-api-key}/SMS/\n\nEndpoint Pattern:
\nGET https://2factor.in/API/V1/{api-key}/SMS/{phone}/AUTOGEN/{template}\nGET https://2factor.in/API/V1/{api-key}/SMS/{phone}/AUTOGEN\n\nExample Request:
\nGET https://2factor.in/API/V1/XXXX-XXXX-XXXX-XXXX-XXXX/SMS/+919920123456/AUTOGEN/OTPTest\n\nSandbox Response:
\n{\n \"Status\": \"Success\",\n \"Details\": \"mf2djpsmqnrwmwob7z-978c24505cf48a13\"\n}\n\nResponse Fields:
\nStatus: Always \"Success\" in sandbox
Details: Unique session ID for OTP verification (randomly generated)
Endpoint Pattern:
\nGET https://2factor.in/API/V1/{api-key}/SMS/{phone}/AUTOGEN2/{template}\nGET https://2factor.in/API/V1/{api-key}/SMS/{phone}/AUTOGEN2\n\nExample Request:
\nGET https://2factor.in/API/V1/XXXX-XXXX-XXXX-XXXX-XXXX/SMS/+919920123456/AUTOGEN2/OTPTest\n\nSandbox Response:
\n{\n \"Status\": \"Success\",\n \"Details\": \"mf2dxd0bhngrkfjm79j-978c33db288487d8\",\n \"OTP\": \"521983\"\n}\n\nResponse Fields:
\nStatus: Always \"Success\" in sandbox
Details: Unique session ID for OTP verification
OTP: 6-digit OTP code (randomly generated)
Endpoint Pattern:
\nGET https://2factor.in/API/V1/{api-key}/SMS/{phone}/{template-name}\n\nExample Request:
\nGET https://2factor.in/API/V1/XXXX-XXXX-XXXX-XXXX-XXXX/SMS/+919920123456/MyCustomTemplate\n\nSandbox Response:
\n{\n \"Status\": \"Success\",\n \"Details\": \"mf2djpsmqnrwmwob7z-978c24505cf48a13\"\n}\n\nEndpoint Pattern:
\nGET https://2factor.in/API/V1/{api-key}/SMS/VERIFY/{session-id}/{otp}\n\nExample Request:
\nGET https://2factor.in/API/V1/XXXX-XXXX-XXXX-XXXX-XXXX/SMS/VERIFY/mf2ddmrx85yxvr8c4i90h22-978c35134572494d8/123456\n\nSandbox Response (Default):
\n{\n \"Status\": \"Error\",\n \"Details\": \"OTP Mismatch\"\n}\n\nSpecial Test Case:
For testing successful verification, use the special test session and OTP:
GET https://2factor.in/API/V1/{api-key}/SMS/VERIFY/Dummy-12345/12345\n\nSuccess Response:
\n{\n \"Status\": \"Success\",\n \"Details\": \"OTP Matched\"\n}\n\nEndpoint Pattern:
\nGET https://2factor.in/API/V1/{api-key}/SMS/VERIFY2/{session-id}/{otp}\n\nExample Request:
\nGET https://2factor.in/API/V1/XXXX-XXXX-XXXX-XXXX-XXXX/SMS/VERIFY2/mf2ddmrx85yxvr8c4i90h22-978c35134572494d8/123456\n\nSandbox Response:
\n{\n \"Status\": \"Error\",\n \"Details\": \"OTP Mismatch\"\n}\n\nNote: VERIFY2 endpoints always return \"OTP Mismatch\" in sandbox mode for testing error handling.
\nHere's a complete testing workflow using sandbox endpoints:
\ncurl \"https://2factor.in/API/V1/your-api-key/SMS/+919920123456/AUTOGEN2/TestTemplate\"\n\nResponse:
\n{\n \"Status\": \"Success\",\n \"Details\": \"mf2dxd0bhngrkfjm79j-978c33db288487d8\",\n \"OTP\": \"521983\"\n}\n\ncurl \"https://2factor.in/API/V1/your-api-key/SMS/VERIFY/mf2dxd0bhngrkfjm79j-978c33db288487d8/123456\"\n\nResponse:
\n{\n \"Status\": \"Error\",\n \"Details\": \"OTP Mismatch\"\n}\n\ncurl \"https://2factor.in/API/V1/your-api-key/SMS/VERIFY/Dummy-12345/12345\"\n\nResponse:
\n{\n \"Status\": \"Success\",\n \"Details\": \"OTP Matched\"\n}\n\nNo actual SMS sent: All endpoints return dummy responses
\nRandom session IDs: Each request generates a new random session ID
\nFixed test credentials: Only Dummy-12345/12345 returns success for VERIFY
Account-specific: Sandbox mode must be enabled per account and phone number
\nUse AUTOGEN2 for testing complete workflows (includes OTP in response)
\nTest both success and failure scenarios using appropriate endpoints
\nSession IDs are random - don't hardcode them in your tests
\nAlways test error handling using VERIFY2 endpoints
\nEmail: support@2factor.in
\nSubject: \"Sandbox Environment Setup Request\"
\nInclude: API key, test phone numbers, and use case description
\nAll sandbox endpoints return HTTP 200 with JSON response body. Check the Status field in the response to determine success or failure:
\"Status\": \"Success\" - Operation completed successfully
\"Status\": \"Error\" - Operation failed (check Details for reason)
Sandbox endpoints do not follow any rate limiting as production endpoints.
\n","_postman_id":"6cef8eec-75fc-4629-80f1-e0f83fa992a1"}],"id":"46b8df37-b085-45e0-9dae-ce6b52f722c9","description":"This section outlines the API endpoints available for sending and verifying SMS OTPs. The service supports both manual and automatic OTP generation to meet diverse client requirements.
\nTo send OTP messages with a custom sender ID and customized SMS text, follow the steps below:
\nDLT Template Registration
Register your SMS content template on any telecom operator's DLT portal. Ensure the content complies with regulatory requirements and includes placeholders where applicable.
Template Approval and Submission
Once the SMS content template is approved:
Log in to the 2Factor Dashboard.
\nNavigate to SMS OTP > OTP Templates and submit the approved template details, including the DLT registration information.
\nNeed Support?
For guidance with the template registration or submission process, contact us at support@2factor.in.
This approach ensures compliance with regulatory standards while allowing businesses to customize their SMS OTP messages.
\n","_postman_id":"46b8df37-b085-45e0-9dae-ce6b52f722c9"},{"name":"Send Transactional SMS","item":[{"name":"Send Single SMS","item":[{"name":"Send Single SMS","id":"726383fc-97cb-4355-b6c3-4041adbf0ddd","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"urlencoded","urlencoded":[{"key":"module","value":"TRANS_SMS","description":"Module name - TRANS_SMS for transactional SMS
\n","type":"text"},{"key":"apikey","value":"7e825d24-XXXX-XXXX-XXXX-0200cd93604211","description":"API key issued against your account
\n","type":"text"},{"key":"to","value":"91XXXXXXXXXX,91YYYYYYYYYY","description":"Phone numbers separated by comma
\n","type":"text"},{"key":"from","value":"HEADER","description":"DLT approved sender id
\n","type":"text"},{"key":"msg","value":"DLT Approved Message Text Goes Here","description":"DLT approved SMS text
\n","type":"text"},{"key":"scheduletime","value":"2022-01-01 13:27:00","description":"(*optional) Time at which SMS needs to be triggered
\nNote: Schedule time must be at least 5 minutes greater than the current time
\n","type":"text"},{"key":"peid","value":"DLT Registration Number","description":"(*optional) PE Id of the DLT approved content template
\n","type":"text"},{"key":"ctid","value":"DLT Content Template Id","description":"(*optional) CT Id of the DLT approved content template
\n","type":"text"},{"key":"campaignname","value":"Name For a Click Tracking Campaign","description":"(*optional) To enable dynamic shortlinking of a URL in the message & track clicks
\n","type":"text"},{"key":"campaignwebhook","value":"URL for receiving Webhook notification on shortlink clicks","description":"(*Optional) Publicly accessible URL for receiving realtime webhook about link click
\n","type":"text"}]},"url":"https://2factor.in/API/R1/","description":"Use this endpoint to send Transactional SMS, including:
\nOTPs
\nOrder notifications
\nService Implicit and Service Explicit messages
\nThis endpoint allows you to send Bulk SMS messages using the 2Factor.in API.
\nURL: https://2factor.in/API/R1/Bulk/
Method: POST
Headers:
\nContent-Type: application/jsonmessages Array){\n \"module\": \"TRANS_SMS\",\n \"apikey\": \"XXXXX-XXXX-XXXX-XXXX-XXXX\",\n \"messages\": [\n {\n \"smsFrom\": \"TFACTR\",\n \"smsTo\": \"+919876543210\",\n \"smsText\": \"Welcome! Your verification code is 483920\",\n \"callback_value1\": \"order_98765\",\n \"callback_value2\": \"cust_1122\",\n \"callback_format\": \"json\"\n },\n {\n \"smsFrom\": \"TFACTR\",\n \"smsTo\": \"+918765432109\",\n \"smsText\": \"Payment received. Thank you!\",\n \"callback_value1\": \"txn_554433\",\n \"callback_format\": \"json\"\n }\n ]\n}\n\nAPI Response prints requests which are successfully accepted, as well as requests which have been rejected for input validations on the phone number value.
\n{\n \"success\": true,\n \"requestId\": \"f4bda732-XXXX-XXXX-XXXX-518b4ea82708\",\n \"messageCount\": 2,\n \"timestamp\": \"2024-12-16T10:59:17.311Z\",\n \"processingTime\": 1224,\n \"queueStats\": {\n \"success\": true,\n \"totalChunks\": 1,\n \"successfulChunks\": 1,\n \"failedChunks\": 0\n },\n \"messages\": [\n {\n \"messageId\": \"f4bda732-XXXX-XXXX-XXXX-518b4ea82708-1\",\n \"smsFrom\": \"TFACTR\",\n \"smsTo\": \"+91XXXXXXXXXX\"\n },\n {\n \"messageId\": \"f4bda732-XXXX-XXXX-XXXX-518b4ea82708-2\",\n \"smsFrom\": \"TFACTR\",\n \"smsTo\": \"+91XXXXXXXXXX\"\n }\n ],\n \"rejectedSamples\": [\n {\n \"index\": 0,\n \"phone\": \"+91abcg\",\n \"reason\": \"Phone number should only contain digits (with optional leading + sign)\"\n },\n {\n \"index\": 2,\n \"phone\": \"+911\",\n \"reason\": \"Phone number must match the required format\"\n },\n {\n \"index\": 4,\n \"phone\": \"+911\",\n \"reason\": \"Phone number must match the required format\"\n }\n ]\n}\n\nCase 1: Invalid API Key
\n{\n \"success\": false,\n \"requestId\": \"e3de200f-XXXX-XXXX-XXXX-2a9255bb7c51\",\n \"error\": \"Validation failed\",\n \"errorType\": \"ValidationError\",\n \"details\": [\n {\n \"field\": \"apikey\",\n \"error\": \"Invalid API Key Or TRANSACTIONAL_SMS Service Is Inactive\"\n }\n ],\n \"timestamp\": \"2024-12-16T10:59:47.062Z\"\n}\n\nCase 2: Invalid JSON Format
\njsonCopy code{\n \"success\": false,\n \"requestId\": \"147dbbef-XXXX-XXXX-XXXX-6271da57cdca\",\n \"error\": \"Validation failed\",\n \"errorType\": \"ValidationError\",\n \"details\": [\n {\n \"error\": \"Failed to parse request body as JSON\",\n \"details\": \"Expected ',' or ']' after array element in JSON at position 294 (line 15 column 5)\"\n }\n ],\n \"timestamp\": \"2024-12-16T11:00:22.700Z\"\n}\n\nJSON
\n{\n \"SessionId\": \"30b3c545-5e1a-482e-9fac-1a76e805020d-1\",\n \"SmsFrom\": \"TFACTR\",\n \"SmsTo\": \"9876543210\",\n \"SmsStatus\": \"DELIVERED\",\n \"SentAt\": \"2025-11-24 19:43:06\",\n \"StatusAt\": \"2025-11-24 19:43:08\",\n \"callback_value1\": \"order_98765\",\n \"callback_value2\": \"cust_1122\"\n}\n\nKey Validation Rules
\nModule: Must always be \"TRANS_SMS\".
API Key: Must be valid and linked to an active service.
\nMessages Array: Must contain at least one message and not exceed 1000 messages per request.
\nPhone Numbers:
\nMust be in international format (e.g., +91XXXXXXXXXX).
Only numeric characters are allowed, with an optional leading +.
SMS Content: Message length must not exceed 1000 characters.
\nDouble-check your JSON structure to avoid formatting errors.
\nUse authorized Sender IDs (smsFrom) configured in your account.
Validate phone numbers and SMS text before sending the request to reduce errors.
\nThe 2Factor Bulk SMS API allows you to send multiple SMS messages in a single API request. This is ideal for sending transactional or promotional messages to multiple recipients simultaneously.
\n","_postman_id":"04f200f8-7181-4329-a407-588e853f04ba"}],"id":"5cfdbec3-08c4-4966-b98c-f2c6677a3f85","description":"Use the following endpoint to send Non-Promotional SMS requests categorized under Service Implicit. This endpoint allows delivery of SMS text approved for Service Implicit or Service Explicit message types on the DLT platform.
\nThis endpoint ensures compliance with regulatory standards while enabling the secure delivery of service-based SMS messages.
\n","_postman_id":"5cfdbec3-08c4-4966-b98c-f2c6677a3f85"},{"name":"Send Promotional SMS","item":[{"name":"Send SMS","id":"1abc3ca8-b48a-4177-8072-e5a45bed20b5","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"urlencoded","urlencoded":[{"key":"module","value":"PROMO_SMS","description":"Module name - PROMO_SMS for Promotional SMS
\n","type":"text"},{"key":"apikey","value":"7e825d24-XXXX-XXXX-XXXX-0200cd93604211","description":"API key issued against your account
\n","type":"text"},{"key":"to","value":"91XXXXXXXXXX,91YYYYYYYYYY","description":"Phone numbers separated by comma
\n","type":"text"},{"key":"from","value":"HEADER","description":"DLT approved sender id
\n","type":"text"},{"key":"msg","value":"DLT Approved Message Text Goes Here","description":"DLT approved SMS text
\n","type":"text"},{"key":"scheduletime","value":"2022-01-01 13:27:00","description":"(*optional) Time at which SMS needs to be triggered
\nNote: Schedule time must be at least 5 minutes greater than the current time
\n","type":"text"}]},"url":"https://2factor.in/API/R1/","description":"This endpoint is used to send Promotional SMS, such as:
\nOffers and discounts
\nSeasonal greetings
\nCoupon codes
\nRe-targeting messages
\nSupports Service Explicit and Promotional Messages as registered on the DLT platform.
\n","urlObject":{"protocol":"https","path":["API","R1",""],"host":["2factor","in"],"query":[],"variable":[]}},"response":[{"id":"2d5a945c-10dd-42d9-a1e2-3d0a852fd79e","name":"Success","originalRequest":{"method":"POST","header":[],"body":{"mode":"urlencoded","urlencoded":[{"key":"module","value":"PROMO_SMS","description":"Module name - PROMO_SMS for promotional SMS","type":"text"},{"key":"apikey","value":"7e825d24-XXXX-XXXX-XXXX-0200cd936042","description":"API key issued against your account","type":"text"},{"key":"to","value":"91XXXXXXXXXX,91YYYYYYYYYY","description":"Phone numbers separated by comma","type":"text"},{"key":"from","value":"HEADER","description":"DLT approved sender id","type":"text"},{"key":"msg","value":"DLT Approved Message Text Goes Here","description":"DLT approved SMS text","type":"text"}]},"url":"https://2factor.in/API/R1/"},"status":"OK","code":200,"_postman_previewlanguage":"plain","header":[{"key":"Date","value":"Sun, 02 May 2021 18:17:23 GMT"},{"key":"Content-Type","value":"application/x-www-form-urlencoded"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Set-Cookie","value":"__cfduid=d6b8d8179a8366eabdad5847956f4ee711619979442; expires=Tue, 01-Jun-21 18:17:22 GMT; path=/; domain=.compute-india.in; HttpOnly; SameSite=Lax; Secure"},{"key":"Host","value":"cp.compute-india.in"},{"key":"X-Real-IP","value":"180.188.235.14"},{"key":"X-Forwarded-Proto","value":"https"},{"key":"CF-Ray","value":"64933efdaa5518a3-SIN"},{"key":"Accept-Encoding","value":"gzip"},{"key":"Accept","value":"*/*"},{"key":"User-Agent","value":"PostmanRuntime/7.26.10"},{"key":"CF-Connecting-IP","value":"180.188.235.14"},{"key":"CF-IPCountry","value":"IN"},{"key":"cf-request-id","value":"09cfe5b286000018a3ab3a7000000001"},{"key":"CF-Visitor","value":"{\"scheme\":\"https\"}"},{"key":"Expect-CT","value":"max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\""},{"key":"Report-To","value":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report?s=Uz8asmu9U4m8qPypOUhIR%2Ft3jaM2KI427sPBiAc7TqmURUL0leiRn931ZfYTbPaqgbu92tVXiENN%2F8vkc1di4YRupqcp4TcgkXMcn3APnvfkM%2FLO\"}],\"group\":\"cf-nel\",\"max_age\":604800}"},{"key":"NEL","value":"{\"report_to\":\"cf-nel\",\"max_age\":604800}"},{"key":"Vary","value":"Accept-Encoding"},{"key":"Server","value":"cloudflare"}],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Success\",\"Details\":\"09cfe5b29d000018a3acb36000000001\"}"},{"id":"ad1e8173-3b0d-433b-b7f9-bd49032cd711","name":"Error","originalRequest":{"method":"POST","header":[],"body":{"mode":"urlencoded","urlencoded":[{"key":"module","value":"PROMO_SMS","description":"Module name - PROMO_SMS for promotional SMS","type":"text"},{"key":"apikey","value":"7e825d24-XXXX-XXXX-XXXX-0200cd936042","description":"API key issued against your account","type":"text"},{"key":"to","value":"91XXXXXXXXXX,91YYYYYYYYYY","description":"Phone numbers separated by comma","type":"text"},{"key":"from","value":"HEADER","description":"DLT approved sender id","type":"text"},{"key":"msg","value":"DLT Approved Message Text Goes Here","description":"DLT approved SMS text","type":"text"}]},"url":"https://2factor.in/API/R1/"},"status":"Bad Request","code":400,"_postman_previewlanguage":"plain","header":[{"key":"Date","value":"Sun, 02 May 2021 18:19:30 GMT"},{"key":"Content-Type","value":"application/x-www-form-urlencoded"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Connection","value":"keep-alive"},{"key":"Host","value":"cp.compute-india.in"},{"key":"X-Real-IP","value":"180.188.235.14"},{"key":"X-Forwarded-Proto","value":"https"},{"key":"CF-Ray","value":"6493421b7c7f18a3-SIN"},{"key":"Accept-Encoding","value":"gzip"},{"key":"Accept","value":"*/*"},{"key":"Cookie","value":"__cfduid=d6b8d8179a8366eabdad5847956f4ee711619979442"},{"key":"User-Agent","value":"PostmanRuntime/7.26.10"},{"key":"CF-Connecting-IP","value":"180.188.235.14"},{"key":"CF-IPCountry","value":"IN"},{"key":"cf-request-id","value":"09cfe7a528000018a308a49000000001"},{"key":"CF-Visitor","value":"{\"scheme\":\"https\"}"},{"key":"Expect-CT","value":"max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\""},{"key":"Report-To","value":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report?s=ctxF%2Ff3SnTWJicX4XaGftuNj21d%2BAdk0R%2FQiWlUpFVeMmKckfYbAlYqbcJn42Nf5ugBrQa%2Fnd8kdey5KmXOZlG9tZlfdNjvxeT6CxlSAzIyag6Y7\"}],\"group\":\"cf-nel\",\"max_age\":604800}"},{"key":"NEL","value":"{\"report_to\":\"cf-nel\",\"max_age\":604800}"},{"key":"Vary","value":"Accept-Encoding"},{"key":"Server","value":"cloudflare"}],"cookie":[],"responseTime":null,"body":"{\"Status\":\"Error\",\"Details\":\"ERR_DETAILS_GO_HERE\"}"}],"_postman_id":"1abc3ca8-b48a-4177-8072-e5a45bed20b5"}],"id":"592e4c16-6058-4dc1-8d56-332453333307","description":"Use this endpoint to send Promotional SMS to your clients, including:
\nOffers and discounts
\nSeasonal greetings
\nCoupon codes
\nRe-targeting messages
\nMessage Types: Supports Service Explicit and Promotional Messages as approved on the DLT platform.
\nCompliance Requirement: Starting April 1, 2021, only DLT-approved SMS formats are allowed. Ensure all promotional content is registered and approved on the DLT portal before initiating requests.
\nThe Encrypted SMS API provides secure methods to send SMS messages and retrieve their delivery statuses. The API ensures data confidentiality using *AES-256 bit encryption in GCM & CBC mode.__*
\nAll API requests require the Secret-Key in the headers for authentication. The key must be encrypted using AES-256 GCM / CBC mode.
\nURL: https://2factor.in/API/R1?module=ENC&encmode=GCM
Method: POST
Headers:
\nSecret-Key: The AES-256 bit encrypted key.The request requires an encrypted JSON payload structured as follows:
\n{\n \"module\": \"TRANS_SMS\",\n \"apikey\": \"954817d9-XXXX-XXXX-XXXX-XXXX-cd936042\",\n \"to\": \"91XXXXXXXXXX\",\n \"from\": \"SENDER\",\n \"msg\": \"Your DLT Approved SMS Text\"\n}\n\nPrepare JSON Payload: Use the format above with valid API key and message details.
\nEncrypt the Payload: Encrypt using AES-256 CBC / GCM mode with the provided sandbox secret key.
\nSend Encrypted Payload: Include the encrypted value in the body of the POST request.
\n encmode supported CBC & GCM values to indicate the mode of encryption. default encryption mode is CBC
curl -X POST \"https://2factor.in/API/R1/?module=ENC\" \\\n-H \"Secret-Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\" \\\n-d \"<EncryptedPayload>\"\n\nURL: https://2factor.in/API/R1?module=ENC
Method: POST
Headers:
\nSecret-Key: The AES-256 bit encrypted key.The request requires an encrypted JSON payload structured as follows:
\n{\n \"module\": \"TRANS_SMS_DLR\",\n \"apikey\": \"54817d9-XXXX-XXXX-XXXX-XXXX-cd936042\",\n \"sessionid\": \"XXXXXXXXXXXXX-8477e7fc9c7749c6\",\n \"smsdate\": \"2024-01-18\"\n}\n\nPrepare JSON Payload: Use the format above with valid API key, session ID, and date.
\nEncrypt the Payload: Encrypt using AES-256 GCM mode with the provided sandbox secret key.
\nSend Encrypted Payload: Include the encrypted value in the body of the POST request.
\ncurl -X POST \"https://2factor.in/API/R1/?module=ENC\" \\\n-H \"Secret-Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\" \\\n-d \"<EncryptedPayload>\"\n\nAll API responses are in JSON format. Below are common scenarios and their respective responses:
\nNote: Error responses are printed in json plaintext , Success respomses would be in an encrypted format as given in the below examples
\n{\n \"Status\": \"Success\",\n \"Details\": \"wYW/rnHQquWW2U7d0fk9PQniy5oGI+fbkFazRtrY4FEfCzt241yqf2jPeXu3FmOiHijgn8acnilxh48T9bNPKQ==\"\n}\n\nThe decrypted Details field provides a unique SMS request ID.
{\n \"Status\": \"Success\",\n \"Details\": \"1 record found for the specified filters\",\n \"DeliveryStatus\": \"DELIVERED\",\n \"SentAt\": \"2024-01-18 19:25:41\",\n \"DeliveredAt\": \"2024-01-18 19:42:33\"\n}\n\nOr, if no records are found:
\n{\n \"Status\": \"Success\",\n \"Details\": \"No records found for the specified filters\"\n}\n\nThe API provides clear error messages for troubleshooting. Common errors include:
\nEncryption: Ensure all payloads are encrypted with AES-256 GCM mode.
\nTransport Layer Security: Always use HTTPS for secure transmission.
\nKey Management: Safeguard your Secret-Key and API-Key and avoid exposing them in public repositories or documentation.
Response Validation: Decrypt and validate responses to ensure the integrity of the data.
\nFor pricing and setup, see our WhatsApp Business API Pricing and WhatsApp Business API Integration Guide.
\n","_postman_id":"a32ba9bf-b527-473a-a854-a49832f09121"},{"name":"Whatsapp Voice Calling APIs","item":[],"id":"779f8a62-c29c-4314-b140-a1a2115836bb","description":"We also provide a dedicated WhatsApp Voice Calling API for businesses looking to add call capabilities.
\nIn alignment with the latest TRAI guidelines, all URLs included in SMS text must be pre-whitelisted on the DLT platform. To meet this compliance requirement, 2Factor introduces the Dynamic Shortlinking Feature as part of the Transactional SMS API.
\nDynamic URL Shortening
\nAutomatic URL Shortening: URLs in SMS messages are dynamically shortened at runtime.
\nDLT Compliance: Shortened URLs adhere to DLT-approved formatting standards.
\nExample: https://e.1rp.in/DLT_HEADER/h6fgsf
For example, if your SMS header is TFACTR, URLs in your SMS will be replaced with shortened versions like:
https://e.1rp.in/TFACTR/h6fgsFree Alternative to Third-Party Services: This feature serves as a free replacement for services like Bit.ly.
\nAdd the parameter shortenurl=1 in your R1 - Transactional API request to activate the feature.
Whitelist the following URL format on the DLT portal under CTA-Whitelisting:
\nhttps://e.1rp.in/DLT_HEADER/\\\\*This ensures all dynamically created short URLs comply with DLT regulations.
\nReal-Time Tracking: Monitor user interaction with shortened URLs in real-time.
\nEnable Click Tracking:
\nUse the parameter shortenurlwebhook to specify the webhook URL for click notifications.
Pass a custom callback value using the parameter shortenurlcallback to include it in webhook payloads.
To eliminate delays caused by DLT template replication (previously up to 4 hours), clients can now pass DLT Principal Entity ID (PEID) and DLT Content Template ID (CTID) in real-time during the API request.
\nplaintextCopy codehttps://2factor.in/API/R1/?module=TRANS_SMS&apikey=API_KEY&to=CONTACT_NUMBER&from=DLT_HEADER&msg=DLT_APPROVED_CONTENT&peid=PE_ID&ctid=CT_ID\n\nPE_ID: Replace with the Principal Entity ID of the DLT-approved message.
CT_ID: Replace with the Content Template ID of the DLT-approved message.
The Transactional SMS API now includes URL shortening with real-time click tracking, enabling businesses to measure campaign performance effectively.
\nDynamically shorten URLs included in SMS messages.
\nMonitor user interactions, such as phone numbers that access the links.
\nReceive real-time click data via webhook.
\nplaintextCopy codehttps://2factor.in/API/R1/?module=TRANS_SMS&apikey=API_KEY&to=CONTACT_NUMBER&from=DLT_HEADER&msg=DLT_APPROVED_CONTENT&campaignname=CAMPAIGN_NAME&campaignwebhook=URL_ENCODED_CALLBACK_URL\n\ncampaignwebhook (Optional): A URL-encoded callback URL to receive real-time click notifications.
When a user clicks on a shortened link, 2Factor sends an HTTP POST request to the specified campaignwebhook URL. The payload contains the following information:
plaintextCopy codeaccessed=2024-11-29 14:30:00&phoneNo=9876543210&campaignName=PromoCampaign&ip=192.168.1.1\n\nParameter Encoding: Ensure all parameters are properly URL-encoded before making API requests.
\nAPI Security:
\nUse IP-based restrictions to secure API access.
\nRegularly rotate API keys to prevent unauthorized access.
\nFor support, contact 2Factor Support.
\n