Example: Custom One-Time Password Delivery Handler
In this example, a custom one-time password (OTP) delivery handler calls out to Telesign to send a custom message to an external Salesforce user.
Required Editions
| Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience |
| Available in: Professional, Enterprise, Unlimited, and Developer Editions |
This code sample is for demonstration only. Make sure you evaluate and test any code before implementing it in production.
The sendOneTimePassword method in the handler sends an HTTP
POST request to Telesign's messaging API,
https://rest-ww.telesign.com/v1/messaging. The request can include these
supported Telesign headers.
| Telesign Header | Description |
|---|---|
Accept
|
Specifies the response format that Salesforce expects. |
Content-Type
|
Specifies the format of the request. |
Authorization
|
Authenticates the request by including the Telesign customer ID and API key. The
customer ID and API key are appended to each other in the format customer ID:API key. The resulting value is
Base64-encoded. |
The request body includes these supported Telesign parameters. See Send an SMS message on the Telesign documentation site.
| Telesign parameter | Description |
|---|---|
is_primary
|
Indicates that Telesign is the primary provider. |
phone_number
|
The external user's phone number. Although the phone number can be associated with the user's account, it isn't necessarily verified. |
message
|
The content of the message to send to the external user. In this example, the message includes some text to introduce the custom OTP, the OTP itself, and the default text for the Salesforce SMS provider. |
message_type
|
Specifies that the message includes an OTP. |
If successful, Telesign sends the Salesforce OTP to the external user. The handler processes
the response and returns an Auth.CustomOneTimePasswordDeliveryResult that indicates whether the request was
successful.
global class TelesignMessaging implements Auth.CustomOneTimePasswordDeliveryHandler{
global Auth.CustomOneTimePasswordDeliveryResult sendOneTimePassword(Id userId, String
phoneNumber, String oneTimePassword, String defaultText, Id networkId, String experienceId)
{ //Send the message from Telesign
HttpRequest request = new HttpRequest();
//The commented-out code on the next line isn't necessary if you use named credentials
//request.setEndpoint('https://rest-ww.telesign.com/v1/messaging');
request.setEndpoint('callout:Telesign_SMS_Named');
request.setMethod('POST');
String requestBody = 'is_primary=true&phone_number=' + phoneNumber +
'&message='+'Custom OTP%20'+ oneTimePassword+'; '+defaultText+'&message_type=OTP';
request.setHeader('accept', 'application/json');
request.setHeader('content-type', 'application/x-www-form-urlencoded');
//The commented-out code on the next line isn't necessary if you use named credentials
//request.setHeader('authorization', 'Basic <Base64-encoded Telesign customer ID:API key>');
request.setBody(requestBody);
HttpResponse response = new Http().send(request);
// Handle the response as needed
return Auth.CustomOneTimePasswordDeliveryResult.SUCCESS;
}
}