FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
kiri
Staff
Article Id 278207
Description This article describes how to configure FortiAuthenticator with the Twilio SMS gateway.
Scope FortiAuthenticator.
Solution
  1. Follow Twilio's docs to set up an SMS API.
    Send Messages with Messaging Services

  2. Build and get the code. In this example, curl was used:

    [Screenshot: Messaging | Twilio]


  3. Configure the FortiAuthenticator:

    [Screenshot: FortiAuthenticator]

  4. For HTTPS, the CA that issued the https://api.twilio.com/ server certificate is required.

    Use Learn Certificate to import it, then select the imported CA as the CA certificate.

    Trusted CAs 6.5.3

  5. Test the settings.

    [Screenshot: test]

  6. Set Twilio as the default SMS gateway:

    [Screenshot: default]


If the test SMS fails, check the FortiAuthenticator logs (GUI -> Log Access -> Log Access -> Logs) and Twilio's logs (Console Twilio).

 

If the SMS does not make it to the end user, but the request arrives at Twilio, a clear error message should be seen in FortiAuthenticator Logs. Follow the instructions to fix it.

 

Example:

 

SMS gateway "TWILIO2" via HTTPS POST returns status code 400 (response: {"code": 21603, "message": "A 'From' or 'MessagingServiceSid' parameter is required to send a message", "more_info": "https://www.twilio.com/docs/errors/21603", "status": 400})

 

Test the code with Postman or a similar tool.

If the request does not arrive at Twilio, check the settings; most likely, FortiAuthenticator is incorrectly configured.

Note that the SMS gateway feature relies on HTTP, unless the SMTP feature is used, and also relies on parameter+value pairs. The gateway will expect a parameter such as 'To' as an HTTP parameter, with the phone number as its value. FortiAuthenticator fills in the phone number automatically by substituting the variables it supports. Placing the cursor inside the 'value' column (by clicking inside it with the mouse, for example) will show all available variables.

 

The variables as of now are as follows:

 

  • {{:country_code}}: Will be replaced with the country code that this user's mobile number belongs to (must be known to FortiAuthenticator).
  • {{:mobile_number}}: Will be filled with the mobile number of that user.
  • {{:message}}: Contains the text that is to be sent to the user. This is filled in with a message taken from the replacement messages on FortiAuthenticator and may be adapted.
  • {{:random_id_64}}: Can be used if the SMS gateway requires a unique message ID. This is usually not required, but would also be documented by the provider.
  • {{:null}}: Can be used if an empty value is supposed to be sent. This also depends on the provider.
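
The following is an added example, not Fortinet's or Twilio's code: an offline pre-flight check that renders a parameter+value table with the variables listed above and flags the mistakes that produce errors such as the 21603 response shown earlier. The substitution format (a "+" typed before the country code, the shape of the random ID), the SID placeholder and the sample user are assumptions made for illustration.

```python
import re
import secrets
from urllib.parse import urlencode

# Variables the article lists; how FortiAuthenticator formats each value is an assumption here.
KNOWN_VARS = {"country_code", "mobile_number", "message", "random_id_64", "null"}
PLACEHOLDER = re.compile(r"\{\{:(\w+)\}\}")


def render(params, user):
    """Substitute {{:var}} placeholders in each value and return (rendered, problems)."""
    values = dict(user, null="", random_id_64=secrets.token_hex(8))  # stand-in ID format
    rendered, problems = {}, []
    for name, template in params.items():
        for var in PLACEHOLDER.findall(template):
            if var not in KNOWN_VARS:
                problems.append(f"{name}: unknown variable {var}")
        text = PLACEHOLDER.sub(lambda m: str(values.get(m.group(1), m.group(0))), template)
        if "{{" in text or "}}" in text:
            problems.append(f"{name}: unresolved or malformed placeholder in {text!r}")
        rendered[name] = text
    return rendered, problems


def check_twilio(rendered):
    """Pre-flight checks on the parameters an SMS request to Twilio needs."""
    problems = []
    if not (rendered.get("From") or rendered.get("MessagingServiceSid")):
        problems.append("missing From or MessagingServiceSid (Twilio error 21603)")
    if not re.fullmatch(r"\+[1-9]\d{6,14}", rendered.get("To", "")):
        problems.append("To is not an E.164 number")
    if not rendered.get("Body"):
        problems.append("Body is empty")
    return problems


# Constructed sample data: placeholder SID, fictional number, sample message text.
USER = {"country_code": "1", "mobile_number": "5555550100", "message": "Token code: 123456"}
GOOD = {"To": "+{{:country_code}}{{:mobile_number}}", "Body": "{{:message}}",
        "MessagingServiceSid": "MG_PLACEHOLDER_SID"}
BAD = {"To": "{{:mobile_number}}", "Body": "{{:message}"}  # no sender, broken brace

if __name__ == "__main__":
    for label, params in (("good", GOOD), ("bad", BAD)):
        rendered, problems = render(params, USER)
        problems += check_twilio(rendered)
        print(label, urlencode(rendered), problems or "OK")
```

The BAD table reproduces two failure modes in one run: a request with no sender parameter, and a value whose closing brace is missing so the literal placeholder text would be sent instead of the message.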