New way of SMS Retriever API - SMS User Consent
I worked on SMS Retriever API for verification screen of arabam.com application a while ago. After many attempts, I learned that this cannot be done in Turkey. Because the API has difficult requirements.
For example;
- Your SMS should start with <#> tag,
- Your SMS should end with app’s hash code, etc.
It was impossible to meet these requirements in Turkey. Because, according to Turkish laws “If you are a company and you want to send SMS your customers, then you need to add your company code like BXXX to end of SMS”. There was a conflict here. After all that, I opened an issue to Google Issue Tracker for this but I didn’t get any response.
After a long silence, I met my hero SMS User Consent API. It was perfect because you don’t have to add anything to the SMS anymore. Today, I’m going to talked about “How can I use SMS User Consent API” but first we need to know “What is the difference between SMS Retriever API and SMS User Consent API”.
What is the Difference Between SMS Retriever API and SMS User Consent API
Two APIs are so similar. Both fetch to coming message to the phone, but there are some important points. For example, if you are not the sender or you don’t want to add anything to the SMS you should use SMS User Consent API.
But if you are a sender and you accepting the adding anything to the SMS, then you should use SMS Retriever API. SMS Retriever API positive aspect is you don’t need any permission for reading the SMS. It just gives the SMS to you.
SMS User Consent API
SMS User Consent API gives the content of a single SMS message to us if the user gives permission. For this, a bottom sheet will show on the screen and ask the user for permission access to SMS. So, I’ll tell you to step by step how we can do this
#Step 1
Firstly, we should add Google Play Services implementation to your app’s build.gradle file.
#Step 2
Now, we can start listening for incoming messages. For this we need to call startSmsUserConsent() function.In that point, we can add the sender phone number or leave it blank. This way, the SMS User Consent API will only trigger on messages from this number.
#Step 3
We need create to a broadcast receiver for catch to SMS. In this step, we are creating SmsBroadcastReceiver
#Step 4
We are almost done. We can show the bottom sheet after registering to the broadcast receiver. If the broadcast receiver catches SMS, onSuccess() function will work and open bottom sheet for permission
#Step 5
We are ready for reading the SMS. If you get a result code of RESULT_OK, the user granted permission to read the contents of the message, and we can get the message text from the intent.
Congrats 👏🏻
Now we can use the SMS content!
Important Points
- The message contains a 4–10 character alphanumeric string with at least one number.
- The message was sent by a phone number that’s not in the user’s contacts.
These are essential for the use of the API.
Official Documentation
You can visit official documentation if you want to examine the API in detail.
Sample Project
You can find all of codes in this blog in the sample project.
Thanks for reading, you can poke to me for anything you can think of.
