Getting started
Disclaimer (sandboxed version)
This Network APIs Playground - Number Verification API is a mocked version of the production-grade CAMARA - Number Verification API.
To use this API, subscribe to Network APIs Playground
This playground version provides responses for:
- predefined phone numbers associated with the unassigned country code +990 (e.g +99012345678)
- user-defined phone numbers added using the Network APIs Playground - Admin
Introduction
The CAMARA Number Verification API allows to check if the provided mobile phone number is the one actually used in the device. The service verifies that the user is using a device with the same mobile phone number as the one which is declared for this user. It also makes it possible for the application consuming this API to get the number itself by returning the phone number associated with the authenticated user's access token.
As the Number Verification API uses the Orange mobile network, it offers strong authentication with enhanced security with minimum user friction.
API Authentication
Step 1: request the OAuth authorization code from the user device
As we are using mocked API and the production version relied on the network to get the phone number, we need to provide the phone number in the login_hint
parameter. Of course, in production, this parameter is not needed.
curl -X GET \
"https://api.orange.com/openidconnect/playground/v1.0/authorize?response_type=code
&client_id=YOU_CLIENT_ID&redirect_uri=https://YOUR_REDIRECT_URI
&scope=openid%20dpv:FraudPreventionAndDetection%20number-verification:verify
&state=state&login_hint=tel%3A%2B33600000000" \
-H 'Accept: application/json'
Step 2: Request the OAuth access token
You get the Authorization header credentials when you register your application on the [Orange Developer Console] (https://developer.orange.com/myapps).
curl -X POST \
"https://api.orange.com/openidconnect/playground/v1.0/token" \
-H 'Accept: application/json' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Authorization: Basic YOUR_BASIC' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'redirect_uri=https://YOUR_REDIRECT_URI' \
--data-urlencode 'code=OFR-SYPXPfaUPCrq...5uiiFf7wy9N6sO'
API Description
Summary of resources
This API has two resources verify and device-phone-number
Summary of methods and URL
Use case of operation | URL method |
---|---|
I want to check if the provided mobile phone number is the one actually used in the device | POST "https://api.orange.com/camara/playground/api/number-verification/v1/verify |
I want to get the phone number of the used device | GET "https://api.orange.com/camara/playground/api/number-verification/v1/device-phone-number |
Request phone number verification
Summary of request body parameters
Name | Description | Type | Mandatory |
---|---|---|---|
phoneNumber | Subscriber number in E.164 format (starting with country code). Must be prefixed with '+' | string | Yes |
Request
curl -X POST \
"https://api.orange.com/camara/playground/api/number-verification/v1/verify" \
-H 'Authorization: Bearer {your access token}' \
-H "Cache-Control: no-cache" \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{ "phoneNumber": "+33699999999" }'
Response
200
Content-Type: application/json
{
"devicePhoneNumberVerified": true
}
Fields description
The response features only one attribute: devicePhoneNumberVerified.
This attribute is true when the provided number is the same as the one in the device in use.
Most frequent errors
There are some cases where your client application will no longer gain access to API resources, and get an error back.
Please check the following points:
- Here, you attempt to use an expired or revoked access_token and you get an invalid token error. You will have to request a new access_token. As an example:
HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
"code": "UNAUTHORIZED",
"message": "Authorization failed: ..."
}
- Here, you removed your subscription to the API so that the capability to generate an access_token is not allowed anymore. As an example:
HTTP/1.1 403 Forbidden
Content-Type: application/json
{
"code": "FORBIDDEN",
"message": "Operation not allowed: ..."
}
Get phone number
Request
curl -X GET \
"https://api.orange.com/camara/playground/api/number-verification/v1/device-phone-number" \
-H 'Authorization: Bearer {your access token}' \
-H 'Cache-Control: no-cache' \
-H 'accept: application/json'
Response
200
Content-Type: application/json
{
"devicePhoneNumber": "+123456789"
}
Looking for support ?
Facing technical issue when using this API ? please contact us
History of document
Version of the document | modification date | description of modifications |
---|---|---|
1.0 | 04/02/2025 | initialization by Orange CAMARA APIs team for version 1.0 |