Node.js

Use the Vonage Client SDK

It’s time to complete Silent Authentication properly by having the Android app call the check_url using the mobile network, then sending the resulting code back to the backend via /check-code.

Rather than using OkHttp to call check_url, we’ll use the Vonage Client SDK because Silent Authentication depends on mobile network context (carrier routing, SIM/network identity), and the request may go over Wi-Fi, which breaks the purpose of Silent Auth.

The Vonage Client SDK exists to solve exactly this:

  • It can force the request over cellular data (or use the correct network route)
  • It handles redirects and request details in the way Silent Auth expects
  • It gives you a structured response so you can extract the code cleanly

In this section we’re building the following:

  1. If check_url exists, call it from the phone using the Vonage Client SDK.
  2. Extract code from the response.
  3. Send { request_id, code } to the backend via /check-code.
  4. If Silent Auth fails, fall back to SMS:
    • call /next (best-effort, so we don’t wait ~20 seconds).
    • show the SMS code UI.

Add the Vonage Client SDK Dependency

Add the dependency to the current project. Open your build.gradle.kts and add:

After adding it, sync Gradle.

Initialize the SDK

Initialize the SDK once in MainActivity.onCreate():

This is safe to do at startup and avoids forgetting it later.

Implement checkSilentAuth(checkUrl) Using the SDK

Add this function to your MainActivity.kt.. It performs a cellular GET request to check_url, follows redirects, and extracts code from the JSON response.

The method returns a code string that your backend can validate with POST /check-code.

Update the “Start verification” Flow to Attempt Silent Auth

Now replace the “always force SMS fallback” logic from the previous section with:

  • Try Silent Auth if check_url is present
  • If it fails, trigger /next (best-effort) and show SMS UI

Conceptually:

  1. POST /verification(request_id, check_url?)

  2. If check_url exists:

    • code = checkSilentAuth(check_url)
    • POST /check-code with (request_id, code)

  3. If that fails:

    • call POST /next (optional UX optimization)
    • show SMS UI

Here’s the core part you should use inside your Compose button onClick (inside a coroutine):

Verify and Silent Auth Tutorial

Getting Started with Silent Authentication

Silent Authentication takes quite a bit to understand. This tutorial shows you how to build an integration from scratch with Nodejs and Kotlin

Available on:
Node.js
Steps
1
Introduction
2
Backend Prerequisites
3
Set Up the Environment
4
Set Up Your Vonage Credentials
5
Add the Vonage Verify API to the Backend
6
Test the Backend
7
Mobile App Prerequisites
8
Set Up the Environment
9
Create a Basic Android Application
10
Connect with the Backend
11
Use the Vonage Client SDK
12
Set Up The Testing Environment
13
Test the Implementation