Sends a SMS verification code for phone number sign-in.
To localize the text of the SMS sent to the user, set the HTTP header X-Firebase-Locale
to the language code that corresponds with the user's locale.
An API key is required in the request in order to identify the Google Cloud project.
HTTP request
POST https://identitytoolkit.googleapis.com/v1/accounts:sendVerificationCode
The URL uses gRPC Transcoding syntax.
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "phoneNumber": string, "iosReceipt": string, "iosSecret": string, "recaptchaToken": string, "tenantId": string, "autoRetrievalInfo": { object ( |
Fields | |
---|---|
phone |
The phone number to send the verification code to in E.164 format. |
ios |
Receipt of successful iOS app token validation. At least one of ( |
ios |
Secret delivered to iOS app as a push notification. Should be passed with an |
recaptcha |
Recaptcha token for app verification. At least one of ( |
tenant |
Tenant ID of the Identity Platform tenant the user is signing in to. |
auto |
Android only. Used by Google Play Services to identify the app for auto-retrieval. |
safety |
Android only. Used to assert application identity in place of a recaptcha token. At least one of ( |
play |
Android only. Used to assert application identity in place of a recaptcha token (and safetyNetToken). At least one of ( |
captcha |
Optional. The reCAPTCHA Enterprise token provided by the reCAPTCHA client-side integration. Required when reCAPTCHA enterprise is enabled. |
client |
Optional. The client type, web, android or ios. Required when reCAPTCHA Enterprise is enabled. |
recaptcha |
Optional. The reCAPTCHA version of the reCAPTCHA token in the captchaResponse. Required when reCAPTCHA Enterprise is enabled. |
Response body
Response message for accounts.sendVerificationCode.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "sessionInfo": string } |
Fields | |
---|---|
session |
Encrypted session information. This can be used in signInWithPhoneNumber to authenticate the phone number. |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
AutoRetrievalInfo
The information required to auto-retrieve an SMS.
JSON representation |
---|
{ "appSignatureHash": string } |
Fields | |
---|---|
app |
The Android app's signature hash for Google Play Service's SMS Retriever API. |