# Verify a user using SMS PIN with the Java SDK

This guide shows how to verify a user in a Java application using the Verification API and Java SDK to make and then report an SMS PIN verification.

The following diagram demonstrates the flow that happens to verify a user:

[![verification-flow](/assets/verification_flow.cec2857225cc33c23554c2cfa96065e34f709b3a43c726d66f19224b96b0f790.ec4a73e2.png)](/assets/verification_flow.cec2857225cc33c23554c2cfa96065e34f709b3a43c726d66f19224b96b0f790.ec4a73e2.png)

1. The end user visits your website or service and tries to log in.
2. Your backend then makes a request to the Sinch platform and [initiates an SMS PIN verification request](#initiate-your-verification-request).
3. The Sinch platform sends an SMS message with a one time PIN code to the phone number of the user.
4. The user enters the code they received.
5. Your backend makes a [report verification request](#report-your-sms-pin-code) using the code the user entered.
6. If the code matches, your backend will receive a success result from Sinch.
7. The user, now verified, can proceed to log in to your site or service.


In this guide you will learn:
1. [Set up](#set-up-your-java-application) your Java application
2. How to [initiate an SMS PIN verification request](#initiate-your-verification-request)
3. How to [report an SMS PIN verification code](#report-your-sms-pin-code)


Note:
Before you can get started, you need the following already set up:

- Set all Verification API [configuration settings](/docs/verification/getting-started).
- [JDK 21 or later](https://www.oracle.com/java/technologies/downloads/). While the Java SDK itself requires JDK 8 or later, this application uses the latest RTS version of Java.
- [Apache Maven](https://maven.apache.org/install.html) and a familiarity with how to use the Maven CLI.


## Set up your Java application

To quickly get started setting up a simple client application using the Java SDK:

1. If you haven't already, clone the [sinch-sdk-java-quickstart](https://github.com/sinch/sinch-sdk-java-quickstart) repository.
2. Navigate to the `getting-started/verification/user-verification-using-sms-pin/client/src/main/resources` folder.
3. Open the `config.properties` [file](https://github.com/sinch/sinch-sdk-java-quickstart/blob/main/getting-started/verification/user-verification-using-sms-pin/client/src/main/resources/config.properties). Using the [Verification app credentials](https://dashboard.sinch.com/verification/apps) from your Sinch Build Dashboard, populate the following fields with your values:


| Field | Description |
|  --- | --- |
| APPLICATION_API_KEY | The unique ID of your application. |
| APPLICATION_API_SECRET | The secret for your application. |


1. Save the file.


The code containing the business logic for making an SMS PIN verification is provided here for reference.

snippet.js
// Use this code to make a an SMS PIN verification using the Verification API and the Java SDK. 
package verification;

import com.sinch.sdk.core.exceptions.ApiException;
import com.sinch.sdk.core.utils.StringUtil;
import com.sinch.sdk.domains.verification.api.v1.*;
import com.sinch.sdk.domains.verification.models.v1.NumberIdentity;
import com.sinch.sdk.domains.verification.models.v1.report.request.VerificationReportRequestSms;
import com.sinch.sdk.domains.verification.models.v1.report.response.VerificationReportResponseSms;
import com.sinch.sdk.domains.verification.models.v1.start.request.VerificationStartRequestSms;
import com.sinch.sdk.domains.verification.models.v1.start.response.VerificationStartResponseSms;
import com.sinch.sdk.models.E164PhoneNumber;
import java.util.Scanner;

public class VerificationsSample {

  private final VerificationService verificationService;

  public VerificationsSample(VerificationService verificationService) {
    this.verificationService = verificationService;
  }

  public void start() {

    E164PhoneNumber e164Number = promptPhoneNumber();

    try {
      // Starting verification onto phone number
      String id = startSmsVerification(verificationService.verificationStart(), e164Number);

      // Ask user for received code
      Integer code = promptSmsCode();

      // Submit the verification report
      reportSmsVerification(verificationService.verificationReport(), code, id);
    } catch (ApiException e) {
      echo("Error (%d): %s", e.getCode(), e.getMessage());
    }
  }

  /**
   * Will start an SMS verification onto specified phone number
   *
   * @param service Verification Start service
   * @param phoneNumber Destination phone number
   * @return Verification ID
   */
  private String startSmsVerification(
      VerificationStartService service, E164PhoneNumber phoneNumber) {

    echo("Sending verification request onto '%s'", phoneNumber.stringValue());

    VerificationStartRequestSms parameters =
        VerificationStartRequestSms.builder()
            .setIdentity(NumberIdentity.valueOf(phoneNumber))
            .build();

    VerificationStartResponseSms response = service.startSms(parameters);
    echo("Verification started with ID '%s'", response.getId());
    return response.getId();
  }

  /**
   * Will use Sinch product to retrieve verification report by ID
   *
   * @param service Verification service
   * @param code Code received by SMS
   * @param id Verification ID related to the verification
   */
  private void reportSmsVerification(VerificationReportService service, Integer code, String id) {

    VerificationReportRequestSms parameters =
        VerificationReportRequestSms.builder().setCode(String.valueOf(code)).build();

    echo("Requesting report for '%s'", id);
    VerificationReportResponseSms response = service.reportSmsById(id, parameters);
    echo("Report response: %s", response);
  }

  /**
   * Prompt user for a valid phone number
   *
   * @return Phone number value
   */
  private E164PhoneNumber promptPhoneNumber() {
    String input;
    boolean valid;
    do {
      input = prompt("\nEnter a phone number to start verification");
      valid = E164PhoneNumber.validate(input);
      if (!valid) {
        echo("Invalid number '%s'", input);
      }
    } while (!valid);

    return E164PhoneNumber.valueOf(input);
  }

  /**
   * Prompt user for a SMS code
   *
   * @return Value entered by user
   */
  private Integer promptSmsCode() {
    Integer code = null;
    do {
      String input = prompt("Enter the verification code to report the verification");
      try {
        code = Integer.valueOf(input);
      } catch (NumberFormatException nfe) {
        echo("Invalid value '%s' (code should be numeric)", input);
      }

    } while (null == code);
    return code;
  }

  /**
   * Endless loop for user input until a valid string is entered or 'Q' to quit
   *
   * @param prompt Prompt to be used task user a value
   * @return The entered text from user
   */
  private String prompt(String prompt) {

    String input = null;
    Scanner scanner = new Scanner(System.in);

    while (StringUtil.isEmpty(input)) {
      System.out.println(prompt + " ([Q] to quit): ");
      input = scanner.nextLine();
    }

    if ("Q".equalsIgnoreCase(input)) {
      System.out.println("Quit application");
      System.exit(0);
    }
    return input.trim();
  }

  private void echo(String text, Object... args) {
    System.out.println("  " + String.format(text, args));
  }
}

### Package the application

Now that you've modified the application, you need to use the Maven CLI to create a package that you can then execute. Open a command prompt or terminal to the `sinch-sdk-java-quickstart/getting-started/verification/user-verification-using-sms-pin/client` folder and run the following command:


```Shell
mvn package
```

This command creates the `target` folder and application.

## Initiate your verification request

1. Now you can execute the code and initiate your verification request. Run the following command:



```Shell
java -jar target/sinch-java-sdk-client-application-1.0-SNAPSHOT-jar-with-dependencies.jar
```

1. Follow the prompts in the console and enter the phone number of the mobile handset to which you want to send the SMS PIN verification request.
You should receive a text message to your mobile handset with a verification code. In a production scenario, this is the code that a user would enter into your app to verify their account.
If after running your app you receive an application credentials error response, you may have forgotten to save your file after adding your authentication values. This is an easy mistake to make! Try saving the file and running the app again.
You should also see the JSON response in the console.


## Report your SMS PIN code

Now that you've received the SMS PIN code to your mobile handset, it's time to report that code to the Sinch servers to complete the verification process.

1. In the console, follow the prompts by entering the code you received on your mobile handset.
2. If you entered the code that you received, you should see a success report response in your console.
3. Enter `Q` in the console to quit the application or try sending a code to your mobile handset again and reporting an incorrect code to see what happens!


## Additional resources

- [SDK syntax guide](/docs/verification/sdk/java/syntax-reference/)
- [API specification](/docs/verification/api-reference/verification)