.wpb_animate_when_almost_visible { opacity: 1; }

Network APIs Playground - Number Verification 1.0

This API is part of the Network APIs Playground. It provides a mock-up of the Number Verification API following CAMARA standard.

Contact us

Getting started

Disclaimer (sandboxed version)

This Network APIs Playground - Number Verification API is a mocked version of the production-grade CAMARA - Number Verification API.

To use this API, subscribe to Network APIs Playground

This playground version provides responses for:

  • predefined phone numbers associated with the unassigned country code +990 (e.g +99012345678)
  • user-defined phone numbers added using the Network APIs Playground - Admin

Introduction

The CAMARA Number Verification API allows to check if the provided mobile phone number is the one actually used in the device. The service verifies that the user is using a device with the same mobile phone number as the one which is declared for this user. It also makes it possible for the application consuming this API to get the number itself by returning the phone number associated with the authenticated user's access token.

As the Number Verification API uses the Orange mobile network, it offers strong authentication with enhanced security with minimum user friction.

API Authentication

Step 1: request the OAuth authorization code from the user device

As we are using mocked API and the production version relied on the network to get the phone number, we need to provide the phone number in the login_hint parameter. Of course, in production, this parameter is not needed.

curl -X GET \
  "https://api.orange.com/openidconnect/playground/v1.0/authorize?response_type=code
 &client_id=YOU_CLIENT_ID&redirect_uri=https://YOUR_REDIRECT_URI
 &scope=openid%20dpv:FraudPreventionAndDetection%20number-verification:verify
 &state=state&login_hint=tel%3A%2B33600000000" \
 -H 'Accept: application/json'

Step 2: Request the OAuth access token

You get the Authorization header credentials when you register your application on the [Orange Developer Console] (https://developer.orange.com/myapps).

curl -X POST \   
  "https://api.orange.com/openidconnect/playground/v1.0/token" \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/x-www-form-urlencoded' \ 
  -H 'Authorization: Basic YOUR_BASIC' \ 
  --data-urlencode 'grant_type=authorization_code' \
  --data-urlencode 'redirect_uri=https://YOUR_REDIRECT_URI' \
  --data-urlencode 'code=OFR-SYPXPfaUPCrq...5uiiFf7wy9N6sO'

Go up

API Description

Summary of resources

This API has two resources verify and device-phone-number

Summary of methods and URL

Use case of operationURL method
I want to check if the provided mobile phone number is the one actually used in the devicePOST "https://api.orange.com/camara/playground/api/number-verification/v1/verify
I want to get the phone number of the used deviceGET "https://api.orange.com/camara/playground/api/number-verification/v1/device-phone-number

Go up

Request phone number verification

Summary of request body parameters

NameDescriptionTypeMandatory
phoneNumberSubscriber number in E.164 format (starting with country code). Must be prefixed with '+'stringYes
Request
curl -X POST \
  "https://api.orange.com/camara/playground/api/number-verification/v1/verify" \ 
  -H 'Authorization: Bearer {your access token}' \
  -H "Cache-Control: no-cache"  \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{ "phoneNumber": "+33699999999" }'
Response
200 
Content-Type: application/json

{
"devicePhoneNumberVerified": true
}

Go up

Fields description

The response features only one attribute: devicePhoneNumberVerified.

This attribute is true when the provided number is the same as the one in the device in use.

Go up

Most frequent errors

There are some cases where your client application will no longer gain access to API resources, and get an error back.

Please check the following points:

  • Here, you attempt to use an expired or revoked access_token and you get an invalid token error. You will have to request a new access_token. As an example:
HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
  "code": "UNAUTHORIZED",
  "message": "Authorization failed: ..."
}
  • Here, you removed your subscription to the API so that the capability to generate an access_token is not allowed anymore. As an example:
HTTP/1.1 403 Forbidden
Content-Type: application/json
{
  "code": "FORBIDDEN",
  "message": "Operation not allowed: ..."
}

Get phone number

Request
curl -X GET \
  "https://api.orange.com/camara/playground/api/number-verification/v1/device-phone-number" \
  -H 'Authorization: Bearer {your access token}' \
  -H 'Cache-Control: no-cache' \
  -H 'accept: application/json'
Response
200 
Content-Type: application/json

{
  "devicePhoneNumber": "+123456789"
}

Go up

Looking for support ?

Facing technical issue when using this API ? please contact us

Go up

History of document

Version of the documentmodification datedescription of modifications
1.004/02/2025initialization by Orange CAMARA APIs team for version 1.0

Go up