Ways to authenticate
Auth and access
Set up phone or SMS authentication
You can allow users to use their phone as a primary method for authentication. This is a passwordless method, where the user is sent a verification code via SMS. SMS can also be included as a secondary factor if you have multi-factor authentication set up.
(Existing phone auth Twilio users only) Switch on SMS for MFA
Link to this section- In Kinde, go to Settings > Environment > SMS.
- Scroll to the bottom and switch on the Use this service for SMS MFA option.
- Select Save.
Benefits of using a third-party SMS service instead of Kinde
Link to this section- Gives you full control over the SMS delivery nuances, such as SenderID, country registrations, and detailed delivery metrics.
- You can register dedicated short codes or sender IDs in countries that have strict SMS sending regulations like Ireland, NZ and Canada, which will greatly improve deliverability.
- Access to delivery logs and other service quality details for troubleshooting.
SMS provider requirements (Twilio)
Link to this sectionSMS authentication requires the services of a messaging provider, in this case, Twilio.
You need a Twilio business account to ensure messaging works for local and overseas phone numbers.
Phone authentication interactions are also known as A2P (Application to Person) messaging. Before you implement A2P, check if you need to register your business for 10DLC (10 Digit Long Code) support to be able to send messages, as this is required in some locations.
We also recommend you check Twilio’s guidelines for setting up messaging, and carefully follow procedures for registration, and SMS policies for all relevant countries.
What you need
Link to this sectionYou’ll need the following details that are in the dashboard of your Twilio account.
- The SID of your Twilio account
- The Auth Token for your Twilio account
- Your Twilio phone number or the Messaging Service SID (if you set one up)
Refer to the Twilio documentation for assistance setting up.
Configure phone SMS auth in Kinde
Link to this sectionAfter you set this up, you can use SMS for both phone authentication and SMS MFA.
-
In Kinde, go to Settings > Environment > SMS.
-
Select the Default country that you want to show on the authentication screen when users sign in.
-
Enter the Twilio details from your Twilio account (see above) in the relevant fields.
-
In the SMS source field, select either the Use Messaging service or Use phone number. Verification codes will be sent from whichever you choose.
-
Depending on your selection in the previous step, enter either the Messaging service SID or Twilio Phone number in the relevant field.
-
Select if you want to use a fallback service if the provider service is interrupted.
-
Select Save.
Switch on phone authentication for an application
Link to this sectionAfter you have set up Twilio details, you’re ready to switch on phone or SMS auth for your applications.
- Go to Settings > Environment > Authentication.
- In the Passwordless section, select Configure on the Phone tile.
- Switch on the auth method for the applications you want.
- Select Save.
Switch on SMS as a factor in MFA
Link to this sectionIf MFA is required or optional for your users, you may want to use the Twilio service for SMS MFA.
- Go to Settings > Environment > Multi-factor auth.
- Under Additional authentication methods, switch on SMS.
- Select Save.
SMS message format
Link to this sectionYou can’t customize the code message that user’s receive. We use a standard format as follows, to allow for easier translation.
Your verification code is [xxxxxx]
Connection ID
Link to this sectionWhen you configure phone authentication, you’ll see that a Connection ID is automatically assigned. If you’re building a custom authentication experience, you’ll need the ID to trigger the phone authentication workflow.