Nexmo Labs hosts "beta" products, integrations, a small set of projects and experimental features built by Nexmo and our developer community.

Before you get started

Create your Nexmo account, it's free


 

OAuth: Nexmo Authentication Flow

Introduction

When your application acts on behalf of our users, it's important that:

  • The application be able to identify the user
  • The user's privacy is protected
  • Nexmo can tell which application and user are making the request

To accomplish this, Nexmo uses the OAuth 1.0a protocol to give your application authorized access to the APIs. OAuth is a standard for negotiating developer authorization and granting access on behalf of Nexmo users to perform API requests. One of OAuth's benefits is the availability of many libraries, allowing developers to authenticate with Nexmo quickly and in a similar manner to how they authenticate with services such as Twitter and LinkedIn.

In summary, the OAuth flow can be described as:

  • An application requests a set of temporary credentials, also known as a request token. At this point this credentials isn't associated with a specific Nexmo user's account
  • The application redirects the user to a Nexmo login page where they authorize these temporary credentials (request token) to be associated with their Nexmo user's account
  • The application upgrades the temporary request token for permanent credentials, also known as an access token. These credentials are necessary to give the application access to the Nexmo APIs and make calls on behalf of the Nexmo user's account

We suggest that you use an existing OAuth Library for your programming language of choice.

Configuring Your Application

Feel free to contact us if you want to participate to the "Apps developer program".

Sign in to your Nexmo Dashboard and select the "Apps" section.




Click on the "Developer" link and register your application:




And receive your "consumer key" and "consumer secret" required for the OAuth interaction:




Nexmo OAuth end points:

  • Request Token: https://dashboard.nexmo.com/oauth/request_token
  • Authorize: https://dashboard.nexmo.com/oauth/authorize
  • Authenticate: https://dashboard.nexmo.com/oauth/authenticate
  • Access Token: https://dashboard.nexmo.com/oauth/access_token

Once the OAuth handshaking completed, you will be able to use Nexmo APIs on behalf of the Nexmo user's account, replace "api_key" and "api_secret" by OAuth parameters.

Checkout our code sample from Github.



Nexmo Sandbox

Nexmo Sandbox provides an opportunity for developers to quickly test using the Nexmo REST or SMPP API without opening a production account. This can be very useful for load testing and/or regression testing. You can create a new test account simply by filling in the form below. With this account you will be sending message requests to our Sandbox environment. API responses will look just like those in production, but the messages won't be delivered to any real handset. Instead they will be logged in our shared Sandbox Inbox Folder.

From within the Sandbox Inbox Folder you will be able to test receiving Delivery Receipts (with a selection of statuses and error codes) to your DLR callback URL or SMPP client.

To start using our Sandbox, please create an account using the following form:

/ sec

If you disable quota, you can send unlimited messages - this might be helpful for load testing.

If quota is enabled then 0.05 cents will be subtracted from your test account balance upon each message sent.

Create Sandbox LVN

You can add LVNs to our sandbox. This will allow you to search and purchase them through our Dev API. You can also try other documented Dev API functions. For instance you can search numbers with http://rest-sandbox.nexmo.com/number/search/YOUR_KEY/YOUR_SECRET/COUNTRY_CODE?pattern=NUMBER