A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has (such as a small keyring fob device with the OTP calculator built into it, or a smartcard or specific cellphone) as well as something a person knows (such as a PIN).

The Quick MFA solution offers the quickest way to get set up with SMS based OTP for use in your systems. The product offers 2 simple APIs that you can call from any place in your code and have users verify their identity (SendCode / VerifyCode).

As a developer, you can subscribe to the service and gain access via a simple `ApiKey` to a pair of APIs that you can call from any place in your code base, in order to implement a variety of security related use-cases such as (authentication, increased protection when accessing sections of your application, protecting high value transactions such as check out).

The solution is completely language agnostic and will work from any environment, programming language or framework.

After you purchase the solution from the Azure Marketplace, you will be redirected to a landing page where you finalize the provisioning process. As part of this process you can choose to enter a custom message template for the SMS's that the application will send. Note that the actual code will always be appended at the end of the template.

Once provisioned, you will be able to retrieve your `ApiKey` from the Landing Page by selecting the subscription and showing the details.

The solution is made up from 2 simple APIs. Make sure to include the access key as a header with the name "Ocp-Apim-Subscription-Key"

1. Send Code API (GET https://api.mfa.allthecodes.net/send/{userId}/{deviceId}/{phoneNumber})

Returns 200 OK if the message was sent successfully to the phone number.

Currently supports US / Canada phone numbers as 10 digits with no formatting (i.e.1234561234)

Returns 200 OK if the code was valid for the current userId /deviceId combination.