Create APIproposal_Voice OTP Call #263
Conversation
The “Voice One Time Password Call” API is used to send short-lived one time passwords (OTP) to a phone number via voice call and validate it afterwards, in order to provide a proof of possession of the phone number.
mbkhanhex
requested review from
Noel-Wirzius-DT,
caubut-charter,
eric-murray and
jgarciahospital
as code owners
|
Please review and approve |
1 similar comment
|
Please review and approve |
|
Hi @albertoramosmonagas Following your instructions, I have created API Proposal under documentation/API-proposals. Let me know about the next steps. Thanks |
Hi, the file is empty and you need to upload also de ppt of your presentation. The only point left is relation with Voice Verification Code (#233) - Herbert suggest if we can merge this with this issue. Can you review this proposal to see if there's any overlap? Once all these points have been resolved, the backlog group will review it to see if there are any issues or objections, and if not, send it to the TSC. |
|
Hi @albertoramosmonagas I have created new PR as per your request #265. Please help for the next steps. Regarding merger with other API use case, I am not exactly sure about it. Is it possible to consider this merger possibility at later stage? |
|
Hi @mbkhanhex, I think we're not quite understanding each other, or maybe I'm not explaining myself well. There was already an issue for this API, which was #259. The problem we had was with the Pull Request (PR), not the issue. I'm attaching it here: https://github.com/camaraproject/APIBacklog/pull/263/files As you can see, the file has been created, but it is empty. This is what needs to be modified. So I would close this issue. The old one remains as the original, and all that needs to be done is to upload the changes from the API proposal to the pull request with the ppt that you have very kindly attached here. Once this is done, the following point was raised in the latest backlogs: The only point left is relation with Voice Verification Code (#233) - Herbert suggests if we can merge this with this issue. Can you review this proposal to see if there's any overlap? Once all these points have been resolved, the backlog group will review it to see if there are any issues or objections, and if not, send it to the TSC. Once everything is complete, the API will be discussed in the backlog session and, if there are no objections, it will be sent to the TSC. |
albertoramosmonagas
left a comment
albertoramosmonagas
left a comment
There was a problem hiding this comment.
Remember that it's not just a matter of copying and pasting; you have to follow the template format, just as you did in the old PR that had the wrong path.
|
@albertoramosmonagas apologies for confusion. I have just updated the PR, please check 2bd5b64. |
|
@albertoramosmonagas changes are updated. Please check now and let me know in case of any modifications needed. Thanks for your kind support |
albertoramosmonagas
left a comment
albertoramosmonagas
left a comment
There was a problem hiding this comment.
The file is "APIproposal_Voice OTP Call" and need to be "API-proposal-voice-otp-call.md" without the final extension, it is simply a text file
| ### Validated with operators? | ||
| Not yet. It is one of our new products and hence we didn’t get an opportunity to get it validated with some telco operators. We are expecting some PoC to start by Q1 2026 | ||
|
|
||
| Use cases |
There was a problem hiding this comment.
This would go inside the API summary; these points are not part of the template.
There was a problem hiding this comment.
@albertoramosmonagas moved to API summary, please check
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
| API represents an attempt to standardize interfaces between OTP Call solutions deployed by MNOs or external providers and their enterprise users. As such the API is not bound to any specific cloud platform or specific solution but aims to encourage vendors providing MNO or enterprise solution to support this API format and assure interoperability between different solutions. | ||
| ### Commercial viability | ||
| There are not specific cloud requirements related to proposed API. | ||
| ### YAML code available? |
There was a problem hiding this comment.
And if you already have a YAML file from the API, you can upload it to this PR, but to the documentation/SupportingDocuments path with the API name.
There was a problem hiding this comment.
@albertoramosmonagas I dont have the privileges to do so, please check the snapshot below
There was a problem hiding this comment.
In this case, it is not “uploading a file” by attaching it to the pull request. In the “mbkhanhex:patch-3” branch you created, you would create a new file in the “documentation/SupportingDocuments” path for the YAML and another for the PPT associated with the proposal.
| ### YAML code available? | ||
| YES | ||
| Validated in lab/productive environments? | ||
| YES, Lab environment |
There was a problem hiding this comment.
Specify if was a lab network or productive network
There was a problem hiding this comment.
It is already mentioned as Lab environment, please check
| ### Validated with operators? | ||
| Not yet. It is one of our new products and hence we didn’t get an opportunity to get it validated with some telco operators. We are expecting some PoC to start by Q1 2026 | ||
|
|
||
| Use cases |
There was a problem hiding this comment.
I don't understand why my previous comment was resolved if the change wasn't applied. This isn't a section of the template. In any case, this has to be inside the “### API summary.” It has to be removed from here.
| Use cases | ||
| • Online Banking: To authenticate users during login and transactions, ensuring secure access to financial accounts. | ||
| • Account Registration: To confirm user identity during account creation by sending a verification code to their mobile device. | ||
| • Password Recovery: To securely verify users when they request to reset their passwords, ensuring only the rightful owner can make changes. | ||
| • Two-Factor Authentication (2FA): To enhance security for sensitive applications by requiring a second verification step via SMS after entering a password. | ||
| Benefits | ||
| The One Time Password Call API has several benefits for the API consumer: | ||
| • Enhanced Security: OTPs provide an additional layer of security beyond passwords, reducing the risk of unauthorized access. | ||
| • User Verification: Ensures that the user has access to the registered mobile device, confirming their identity. | ||
| • Cost-Effective: Reduces the need for complex authentication systems while providing strong security. | ||
| • User Trust: Increases user confidence in the security of the platform, leading to higher user satisfaction. |
There was a problem hiding this comment.
As with the other comment that has been resolved but not implemented, this point needs to be included. Please follow the template.
### Supporters in API Backlog Working Group
List of supporters.
*NOTE: That shall be added by the Working Group. Supporting an API proposal means that the supporting company must provide at least 1 (one) Maintainer at the time of the Sub Project creation.*
There was a problem hiding this comment.
@mbkhanhex Please, review the comments, there are too many small changes to make, but I would appreciate it if you could be mindful of what you are modifying, as it is difficult to find the time to make these kinds of revisions.
Also, if possible, you have two duplicate issues, #259 (the first issue created for this API) and #265 . I would appreciate it if you could delete one of them.
Also, please note that your file path is “documentation/API proposals/APIproposal_Voice OTP Call” and should be “documentation/API proposals/APIproposal_Voice OTP Call.md.”
Another point, it would be good if you could upload the ppt you shared in the backlog to the path “documentation/SupportingDocuments” to the PR.
Finally, regarding the comment about reviewing and approving, the process would be:
- Apply all the changes I have described.
- Review Relation with Voice Verification Code (#233) - Herbert suggests if we can merge this with this issue.
- And the point I mentioned about the possible overlap with OTPValidation.
If you have any questions about these points, we can discuss them in the backlog sessions.
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
Co-authored-by: Alberto Ramos Monagas <alberto.ramosmonagas@telefonica.com>
|
@albertoramosmonagas regarding your comment to upload the ppt to the path “documentation/SupportingDocuments” to the PR, I tried doing it however it seems that I dont have the privileges to do so. Please help.
|
|
@albertoramosmonagas regarding your suggestion to merge our issue proposal with #233, we have checked and it looks like that their use case works only for "IMS based audio codes" as explained in their API description which is not the case for our API. So we dont think that merging the two issues would be a good idea. If there is any further discussion needed on that, we can have a call to evaluate it. |
|
Hi @mbkhanhex, I have been reviewing the PR and it is in better shape. Here are some points for reflection:
And don't forget to check the comments we've left. I'd like to submit this API to the next backlog (so it can be added to the session) to see if there are any objections from the other reviewers and we can send it to the next TSC. |
|
|
|
@albertoramosmonagas all suggested changes have been addressed and accordingly the API proposal for Voice OTP call has been updated accordingly. Please review and approve the suggested merging changes. |
mbkhanhex
left a comment
mbkhanhex
left a comment
There was a problem hiding this comment.
Submitted, please review and approve.
|
Hi @mbkhanhex, Perhaps the problem with uploading files can be seen in this message that appears above:
Here you have the link of the comment. If I could fix it, that would be great. After that, I don't know if there is any conclusion on this point: link. Also, I see that there is a commit that was not made by you, in which a new file “APIBacklog” is added with a message “Subproject commit ce57fee.” Could you delete it? Here is the 76736f0 diff-186da9b0f4176666e9d4d1e31e44c4910bb8cce178fbf939b781524263d8281a where it comes from. Looking ahead to the next steps with this API, it would be great to discuss it in the next backlog session (January 8, 2026) and refresh the other participants' memories, as well as discuss the latest changes to the PR. In the meantime, I would appreciate it if you could resolve the items we have discussed in this message. |
2 participants
The “Voice One Time Password Call” API is used to send short-lived one time passwords (OTP) to a phone number via voice call and validate it afterwards, in order to provide a proof of possession of the phone number.
What type of PR is this?
Add one of the following kinds:
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Special notes for reviewers:
Changelog input
Additional documentation
This section can be blank.