Are you looking to implement a one-time password (OTP) functionality in an Android app?
Android Developers have shared a handy new way to do this.
By using the SMS User Consent API you can prompt your users to share a single SMS message containing a one-time password. This means your app can now do SMS verification without asking for permission to read every single SMS message.
The API shows the user a prompt asking them if they want to share a single SMS message with your app. If the user accepts, the message will be shared with your app.
The new SMS User Consent API is making it a lot simpler. By using the API it prompts the user for permission to read that one text with the one-time password code. Once the user gives consent the app will have access to the entire message body to automatically complete SMS verification.
A previous way of doing this was to have a backend implementation in-between to authenticate the message and get the code, but this new way gives you temporary access to the user's messages. It then forwards that message to the app and lets you parse it manually.
You can also use the SMS retriever API for the same user flow. It creates a better user experience as the user won't be prompted. You just have to modify the SMS message to allow it to be automatically forwarded to your Android app.
Check out the video below from Android Developers on how to start using the API.
Thanks for reading the Tapadoo blog. We've been building iOS and Android Apps since 2009. If your business needs an App, or you want advice on anything mobile, please get in touch