TypingDNA Verify 2FA Standard Integration with PHP
Goal
The aim of this tutorial is to lay out the steps for integrating TypingDNA Verify 2FA with a web application that
is using PHP as the back end.
The steps presented in this tutorial are also explained in the video below.
Intro
In this tutorial we will build a simple web application that will use PHP as the back end. We will cover all
technologies that are needed to run a simple demo on a local machine.
Prerequisites
In order to create a working example of TypingDNA Verify 2FA, the following actions need to be taken.
1. Create an account on typingdna.com. The Verify 2FA
dashboard will provide you with the clientId, secret and applicationId.
2. Create a localhost environment that will run php applications. For this tutorial we will use XAMPP
that can be downloaded from https://www.apachefriends.org/index.html
3. Setup ngrok. Ngrok creates a public url that will be linked to your localhost environment. For
security purposes, TypingDNA Verify 2FA will only run on a public url. Ngrok can be downloaded from the
following link: https://ngrok.com/
Configuration
The first step is to create a simple php demo application that will run on ngrok.
We will first create a file called index.php that we will place in the htdocs location of xampp. This folder
is usually located here: C:\xampp\htdocs
The index.php file will look like this:
Then we will navigate to the ngrok location folder and we will start up the public url with the following
command:
ngrok.exe http 80
This will create a public url that will look something like this:
Once the ngrok link has been created, we will setup this link in our Integration section in the Verify 2FA
Dashboard.
Make sure you enter just the domain name and you do not include https or http in the name.
✓ Correct: ee503c799d3f.ngrok.io
✗ Incorrect: https://ee503c799d3f.ngrok.io
We will start up our XAMPP Apache server.
By accessing our ngrok link, in this case https://ee503c799d3f.ngrok.io we will see the following
page:
Make sure to always use https otherwise TypingDNA Verify 2FA will not work.
In order to generate the TypingDNA Verify 2FA window we will need to add the following javascript to our code:
Next we will add the button that will start the TypingDNA Verify 2FA window.
The javascript "callbackFn" will be called once the TypingDNA Verify 2FA process is completed.
<script>
function callbackFn(payload)
{
window.location.href = "verify_otp.php?otp=".concat(payload['otp']);
}
</script>
TypingDNA Verify 2FA will return a payload that will contain the one time password that is generated. For
simplicity, in this demo we will navigate to another page and we will pass the one time password as a
parameter in the link.
The final version of the index.php will look like this:
Next we will look at the verify_otp.php file. First we will initialize our variable just like we did in
index.php.
<?php
include('TypingDNAVerifyClient.php');
$typingDNAVerifyClient = new TypingDNAVerifyClient($client_id, $application_id, $secret);
?>
In order to validate that the one time password is correct we will use the validateOTP function that will
make an API call to the TypingDNA server if the one time password is correct.
We select the Verify 2FA with TypingDNA button and our TypingDNA Verify 2FA window will appear.
After we complete the instruction from the TypingDNA Verify 2FA button we will be redirected to the
verify_otp.php page where the result will be displayed.
The success value indicates if it was a valid authentication 1 or if it was invalid
0.
For the production environment, in order to be able to send SMS OTPs you will need to integrate with Twillio in the Verify 2FA dashboard. First log in to your Twillio account and then click on the following button from the dashboard:
Share this message across Slack, email, etc. We even jotted down some of the highlights to make it easier.
Check this out! 🚀 Found a cool way to 2FA our users: TypingDNA Verify 2FA. It authenticates people based on how they type — replacing authenticator apps and OTP codes. Awesome user experience! 🙌 Quick integration too (under 10 mins). And we can try it free with 100 users. What do you think? https://www.typingdna.com/verify