# Integrate WSO2 IS

Enable Multi-Factor Authentication (MFA) using SMS One-Time Passwords (OTP) in your application by utilizing D7 API from WSO2.

### Integration Steps

* **Add MFA with SMS OTP**

To configure a custom SMS provider, in the SMS Provider section click the Custom tab and fill the required fields. 

SMS Provider URL: <https://api.d7networks.com/messages/v1/send&#x20>;

Content Type: JSON&#x20;

HTTP Method: POST

&#x20;Headers: Authorization: Bearer YOUR\_API\_TOKEN\_FROM\_D7\_DASHBOARD.( Get your API token from  <https://app.d7networks.com/api-tokens>)

**Payload Template:**

```
{   
    "messages": 
    [     
        {         
            "originator": "WSO2",         
            "recipients": [{{mobile}}],         
            "content": "Your OTP code for login is: \{{body}},         
            "client_ref": "WSO2"          
        }     
    ]        
}
```

Please ensure to replace the originator with your registered sender id.

<figure><img src="https://1617928555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F56vP61LHDfGd4HenwKbH%2Fuploads%2FoTjzeGoyQ209674zxFQy%2F1.wso2-is-sms.png?alt=media&#x26;token=fb3db5a3-cdd9-47b8-a564-2a1b24740cb8" alt=""><figcaption></figcaption></figure>

* **Add MFA with WhatsApp OTP**

For WhatsApp OTP, we currently use the custom SMS provider. To configure it, go to the SMS Provider section, select the Custom tab, and complete the required fields.

SMS Provider URL: <https://api.d7networks.com/whatsapp/v2/send&#x20>;

Content Type: JSON&#x20;

HTTP Method: POST&#x20;

Headers: Authorization: Bearer YOUR\_API\_TOKEN\_FROM\_D7\_DASHBOARD

Payload Template:

```
{
    "messages": [
        {
            "originator": "+91 90615 255xx",
            "content": {
                "message_type": "TEMPLATE",
                "template": {
                    "template_id": "otp_test",
                    "language": "en",
                    "buttons":{
                        "actions": [
                            {
                                "action_index": "0",
                                "action_type": "url",
                                "action_payload": {{body}}
                            }
                        ]
                    }
                }
            },
            "recipients": [
                {
                    "recipient": {{mobile}}
                }
            ],
            "client_ref": "WSO2-WA"
        }
    ]
}
```

Please ensure to replace the originator with your registered WhatsApp number and the template\_id with the ID of the template you’ve registered in the D7 User Dashboard.

<figure><img src="https://1617928555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F56vP61LHDfGd4HenwKbH%2Fuploads%2FZzj0qm2jvXlB5GcDW5wT%2F2.wso2-is-whatsapp.png?alt=media&#x26;token=dd8249c9-3e85-4315-9dbe-f712cfa5f72c" alt=""><figcaption></figcaption></figure>

* **Enable MFA in Your Application**

You can refer to the following link to enable MFA for your application in WSO2-IS: <https://is.docs.wso2.com/en/latest/guides/authentication/mfa/add-smsotp-login/&#x20>;

* **Verify Your Identity**

Once enabled, customers will be able to verify their identity using their mobile number.

<div><figure><img src="https://1617928555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F56vP61LHDfGd4HenwKbH%2Fuploads%2Fz0y0v8dkKxKGCC0yVbRz%2F4.wso2-is-otpwindow.png?alt=media&#x26;token=e0c5d9d1-0793-4a0f-95d3-36618141c3c2" alt=""><figcaption></figcaption></figure> <figure><img src="https://1617928555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F56vP61LHDfGd4HenwKbH%2Fuploads%2F7BXxsO8Mxp7Pvdoe6v0j%2F3.wso2-is-authenticate-window.png?alt=media&#x26;token=af15c267-e1c8-4bc3-84af-1d6cc2a7872f" alt=""><figcaption></figcaption></figure></div>

* C**onfigure OTP expiry, alphanumeric characters, and OTP length settings.**

1. Navigate to **Connections**.
2. Select **SMS OTP** > **Setup** > **Settings**.
3. Configure the desired settings for OTP expiry, alphanumeric characters, and OTP length.

<div><figure><img src="https://1617928555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F56vP61LHDfGd4HenwKbH%2Fuploads%2FCZuR1WXuy9RCUKJLv8qt%2F5.wso2-is-otp-expiry-1.png?alt=media&#x26;token=e5b04238-a7d1-4b53-bcd6-117b1e90286a" alt=""><figcaption></figcaption></figure> <figure><img src="https://1617928555-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F56vP61LHDfGd4HenwKbH%2Fuploads%2FTzzG9yjWxtkUyAjWLwyV%2F6.wso2-is-otp-expiry2.png?alt=media&#x26;token=c628209f-877a-4149-918e-c3ddbee13b2c" alt=""><figcaption></figcaption></figure></div>