FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Implementing Phone Number Verification in FusionAuth Without Enabling 2FA

    Scheduled Pinned Locked Moved Solved
    Frequently Asked Questions (FAQ)
    mfa
    3
    4
    844
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wesley
      last edited by

      We’re integrating FusionAuth with our system and want to verify users’ phone numbers during registration, but we’re not ready to enable two-factor authentication (2FA). Is there a recommended way to implement phone number verification via SMS during registration without enabling 2FA? Ideally, we’d like users to enter their phone number and verify it before completing the registration process.

      W 1 Reply Last reply Reply Quote 1
      • W
        wesley @wesley
        last edited by

        While the simplest built-in way to verify phone numbers is through two-factor authentication (2FA), it’s understandable if you’re not ready to enable that yet. As an alternative, you can implement phone number verification programmatically using FusionAuth’s webhooks.

        When a user registers, FusionAuth can trigger the user.registration.create webhook event (or other user registration events). You could listen for this event and run your own logic to send an SMS verification code via your preferred SMS provider. Once the user verifies the code, you could then mark their phone number as verified in your own system or update user data in FusionAuth as needed.

        You can read more about relevant webhooks here:
        User Registration Webhook Events

        danD 1 Reply Last reply Reply Quote 0
        • W wesley marked this topic as a question on
        • W wesley has marked this topic as solved on
        • P
          personinblack.2222
          last edited by

          We had the same setup - needed phone verification without 2FA in FusionAuth. Ended up using webhooks to trigger an external service. I integrated with sms-verification-number.com via their API because I needed real SIM-based numbers, not VoIP. Chose a Polish operator for a local test, and the code arrived in about 50 seconds. If the SMS hadn’t come through, the system would’ve canceled and pulled a new number automatically - no charge. Since we’re testing across regions, being able to switch countries fast helped avoid delays.

          1 Reply Last reply Reply Quote 0
          • danD
            dan @wesley
            last edited by

            Just an FYI, as of 1.59.0, phone number verification is now fully supported in FusionAuth.

            Read more here: https://fusionauth.io/docs/lifecycle/manage-users/verification/gate-accounts-until-user-phone-verified

            --
            FusionAuth - Auth so modern you can download it.
            https://fusionauth.io

            1 Reply Last reply Reply Quote 0
            • First post
              Last post