How to use AWS SNS for sending SMS for Passwordless

Question: How to use AWS SNS for sending SMS for Passwordless

We are trying to invoke POST /passwordless/start endpoint to send code to our phone via SMS. For enabling that, the below steps are performed following the passwordless documentation:

  1. Enabled passwordless SMS option
  2. Fetch the connections using GET /api/v2/connections
  3. Replaced the Twilio id and invoked PATCH /api/v2/connections/{conn_id} assuming that the URL of our AWS SNS provider should be set in gateway_url parameter.
  4. Invoked POST /passwordless/start.

Following these steps, on step 4 Auth0 returns the following error:

"error": "sms_provider_error",
"error_description": "Unexpected response while calling the SMS gateway: 404"

Do we have any other options to connect to AWS SNS other than the gateway_url?

Answer:

For the MFA use case, customers can write custom code in the Auth0 hooks to send SMS via AWS SNS following our documentation here.

Currently, we don’t have a similar option for passwordless. The solution to support AWS SNS as an SMS provider for passwordless is to implement a proxy that will handle the custom API calls to the SNS service. This proxy may be an AWS Lambda function with code similar to our sample for MFA.

The passwordless API calls towards the AWS Lambda can be protected with symmetric API tokens. The configuration on the Auth0 side is documented in this section of our documentation.

The proxy app needs to verify the token with the same secret. As an example, if you implement the proxy with Node.js, you may use the following sample:

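const jwt = require('jsonwebtoken');

// verify a token symmetric
jwt.verify(token, 'shhhhh', function(err, decoded) {
  if (err) throw err; // bad signature, expired or malformed token: decoded is undefined
  console.log(decoded.foo) // bar
});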
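The token check the proxy has to perform before forwarding anything to SNS, as an added example (not part of the original answer and not Auth0's code). It uses only Node's built-in crypto. The HS256 algorithm, the audience value, lowercase header names and the `recipient`/`body` request fields are assumptions, and `authorizeSmsRequest` and `signForDemo` are hypothetical helper names.

```javascript
const crypto = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Verify an HS256 JWT with the shared secret; returns the claims or throws.
function verifyGatewayToken(token, secret, audience, now = Date.now() / 1000) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, sig] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  // Pin the algorithm: the token header must not choose it ("none", RS256, ...).
  if (header.alg !== 'HS256') throw new Error('unexpected alg');
  const expected = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  // Enforce expiry when present; audience is whatever was configured (assumed).
  if (claims.exp !== undefined && !(claims.exp > now)) throw new Error('expired');
  if (claims.aud !== audience) throw new Error('wrong audience');
  return claims;
}

// Gate one gateway call. On success, `sms` holds the SNS Publish parameters.
function authorizeSmsRequest(headers, body, cfg, now) {
  const m = /^Bearer (.+)$/.exec(headers.authorization || '');
  if (!m) return { status: 401 };
  try {
    verifyGatewayToken(m[1], cfg.secret, cfg.audience, now);
  } catch (e) {
    return { status: 401 }; // same answer for every failure, no detail leaked
  }
  // Assumed request shape: { recipient: "+1...", body: "message text" }.
  if (typeof body.recipient !== 'string' || typeof body.body !== 'string') return { status: 400 };
  return { status: 200, sms: { PhoneNumber: body.recipient, Message: body.body } };
}

// Builds a constructed token for local testing only.
function signForDemo(claims, secret, alg = 'HS256') {
  const h = b64url(JSON.stringify({ alg, typ: 'JWT' }));
  const p = b64url(JSON.stringify(claims));
  const s = b64url(crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest());
  return `${h}.${p}.${s}`;
}
```

In a Lambda handler, return the 401/400 status directly and pass `sms` to the SNS publish call only when the status is 200.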