Setting up two factor authentication
Overview 
The 2fa functionality in Canvas is set up using two key widgets, three backend workflows found under the Verify folder, and an integration with Twilio.
Step 1: Set up Twilio
2fa will require your Twilio account details to be added to the preset API connection in the API connector.
Login to your Twilio account (or create one) here. You will need to purchase a verified number from Twilio.
Note that during testing you will need to verify any number you would like to send a code TO in your Twilio account as well. This restriction goes away when your account has been approved and you are no longer using it in testing mode.
Add your account values to the API connector like this:
- Your Twilio Account SID goes in the username field 
- Your Twilio Account Auth Token goes in the Password field 
- Add your Twilio Account SID to the Twilio SID parameters in the Send SMS call 
- Enter the verified phone number you purchased from Twilio in the From parameter in the Send SMS call (e.g. 19299990000) 
- Enter a phone number to test in the To field 
- Enter some placeholder text (e.g. Test) in the Body field 
Once you've entered all the fields above, please click the Reinitialize call button and the Save button.
Step 2: Set up Verify
While it has the same name as Twilio’s 2fa product, your Verify functionality is contained fully inside your Canvas application. This is completely setup but will require that you generate an API key in your app to be able to use it.
To do this, in the editor:
- Navigate to Settings 
- Click the API tab 
- Click to ‘Generate a new API token’ 
- Name the new token and copy the value of the Private key 
Once you have the key copied, replace the {{Private key}} value in the header of the Verify API call (Plugins tab > API connector > Verify).

Step 3: Set up Canvas 
Now that Twilio and Verify are both ready to go, you have the following options to set up in the Admin portal under Settings > Signup Process.
- Require phone verification 
- Enable two-factor authentication 
- If enabled, you can require 2fa app wide or set to optional which will allow individual users to enable 2fa only for their account. 
Last updated
Was this helpful?
