Node.js

Test the Implementation

Silent Authentication is best validated on a real device with a SIM and mobile data. Keep the following considerations in mind:

  • The emulator often cannot provide the carrier/network context Silent Authentication needs.
  • If you test on an emulator, expect frequent fallback to SMS.
  • Silent Authentication commonly requires mobile data. If you’re on Wi-Fi only, it may fail (which is exactly why we implement an immediate fallback path).
  • Even on real devices, Silent Authentication may not be available for all numbers/operators. Your app should treat fallback to SMS as normal, not exceptional.

What To Verify When Testing the Project

In the app, check that the status message indicates:

  • Verified via Silent Authentication
  • Or Verified via SMS

Check the backend logs:

  • Confirm that the /verification and /check-code endpoints are called.
  • Disable mobile data on your device and check whether /next is called (forced fallback).
  • Check the /callback events.
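
The log checks above can be scripted. The following is an added example, not code from the tutorial's backend: it assumes a constructed one-request-per-line log format (`METHOD PATH STATUS`) and POST for every route, and the names `checkTestRun` and `sampleLog` are hypothetical. It treats a failing /next as a warning, matching the "/next Fails" notes further down.

```javascript
// Added example: checks a backend request log against the testing checklist.
// Assumed log format (constructed, not the tutorial's): "METHOD PATH STATUS".
const REQUIRED = ['/verification', '/check-code']; // must appear in every test run
const NON_FATAL = ['/next'];                       // a failure here only delays SMS fallback

function parseLine(line) {
  const m = /^(GET|POST|PUT|DELETE)\s+(\/[^\s?]*)(?:\?\S*)?\s+(\d{3})$/.exec(line.trim());
  return m ? { method: m[1], path: m[2], status: Number(m[3]) } : null;
}

function checkTestRun(logText) {
  // Lines that do not match the assumed format (including blanks) are skipped.
  const entries = logText.split('\n').map(parseLine).filter(Boolean);
  const hits = (path) => entries.filter((e) => e.path === path);
  const errors = [];
  const warnings = [];

  for (const path of REQUIRED) {
    if (hits(path).length === 0) errors.push(`${path} was never called`);
  }
  for (const e of entries.filter((x) => x.status >= 400)) {
    const msg = `${e.method} ${e.path} returned ${e.status}`;
    (NON_FATAL.includes(e.path) ? warnings : errors).push(msg);
  }
  if (hits('/callback').length === 0) warnings.push('no /callback events received');

  return {
    forcedFallback: hits('/next').length > 0, // true when the app forced SMS
    callbacks: hits('/callback').length,
    errors,
    warnings,
    ok: errors.length === 0,
  };
}

// Constructed sample: mobile data disabled, so the app forces the SMS fallback.
const sampleLog = `
POST /verification 200
POST /next 500
POST /callback 200
POST /check-code 200
`;

console.log(checkTestRun(sampleLog));
```
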

At the end of testing, you should be able to confirm:

  • The backend can create verification requests
  • The Android app can:
    • start verification
    • handle Silent Authentication when available
    • fall back cleanly to SMS when needed
  • Users can complete verification without understanding what Silent Authentication is

Common Issues and How to Debug Them

App Stuck Loading

  • Backend unreachable
  • Wrong backend URL
  • Missing android.permission.INTERNET

Silent Authentication Never Works

  • Testing on an emulator. Make sure you use a real device.
  • Device on Wi-Fi only
  • Operator does not support Silent Authentication

SMS Never Arrives

  • Incorrect phone format (must be E.164)
  • Forced fallback not called
  • Rate limits or previous attempts still active

/next Fails

  • This is non-fatal. In the worst case, your app waits for the timeout (default is 20 seconds).
  • Verify continues and will eventually fall back automatically.
  • The app should still show the SMS input.

What’s Next?

You now have a complete and testable 2FA flow with Silent Authentication and fallback to SMS. From here, you can take the design further by adding:

  • persistent storage (Redis/Postgres)
  • rate limiting and abuse prevention
  • polling or real-time status updates
  • production deployment