# How to use Verify with Flow Builder In this article, we'll show you how to integrate MessageBird's Verify service with Flow Builder.

1. Log in to your [MessageBird Dashboard](https://dashboard.messagebird.com/) and navigate to [Flow Builder](https://dashboard.messagebird.com/en/flow-builder). 2. Click **Create new Flow**, then select **Templates**. 3. Select the **Send verification code** template. 4. In the **Webhook** step settings, configure your **Webhook variables** as required. For example, 'recipientEmailAddress' if you want to send verification codes via email, or 'recipientPhoneNumber' for SMS and Voice. Click **Save**. 5. Click on the **Verify** step. 6. In the step's settings, select the **Channel type** that you want to use to send the verification code from the drop-down menu. You can choose **SMS**, **Voice**, or **Email**. 7. In the **Recipient** field, drag and drop the **Webhook variable** that you created in step 4 from the **Available variables** panel. 8. Fill out the **Originator** details as required. You can also make changes to the [Advanced settings](#h_01FAD3Z13BKM3H81GFVR1DDH17) if required. 9. Check the **Message template** copy and edit it as required, or leave it with the default text. 10. Scroll down to the **Recieve user input** section, and copy the **Callback URL**. This is the URL that your consumer app will have to invoke once the user inputs their verification code. [Read more about the Callback URLs](#h_01FAD35W7WPG2SPG9FWN9XKN3A). 11. Save and publish your flow. After the callback is invoked, the flow will then continue along the appropriate branch.

Here's how the branches work: * **Verified** means that the appropriate verification code was received, within the defined timeout interval. * **Invalid** means that the wrong or empty verification code was received. * **Expired** means that the verification code was not received within the defined timeout. * **Failed** means that for some reason we have failed to send the verification code to the user - you should retry the verification procedure or try another verification channel. * **Deleted** means that within the timeout period a request has been sent to the Verification time to cancel this verification request. ### Verify step advanced settings #### Token-related settings

* **Reference** is a metadata field that is usually used to store 3rd party system identifiers - if, for example, you want to crosscheck MessageBird requests with your requests. * **Token length** can be used to specify a longer token length if the default of 6 characters isn't strong enough. Tokens can be a maximum of 10 digits long. * **Datacoding** specifies the encoding used for SMS messages. Using a \*plain\* encoding will make the message take fewer bytes but won't allow for non-Ascii characters. Switching to a \*unicode\* encoding will support all characters but will increase the size of a character, which could lead to the SMS message being split into multi-part messages. #### Timeout settings * **Timeout** can be used to specify the amount of time that the system will wait for the verification code to be submitted. After this timeout expires, the validation request will automatically expire. We recommend setting this to less than 30 seconds. ### What should the Callback URLs look like? #### SMS verification For **SMS verification**, the Callback URL should look like this:

Which, at runtime, will look like this: ``` curl -X GET "https://flows.messagebird.com/flows/invocations/webhooks/95579c7a-3333-4007-a097-5bfbc80cd363?identifier=14088001500&token=840511" ``` Note that the **recipientPhoneNumber** needs to match the phone number of the recipient.

#### Voice verification For **Voice verification**, the Callback URL should look like this:

#### Email verification For **Email verification**, the Callback URL should look like this:

Which, at runtime, will look like this: ``` curl -X GET "https://flows.messagebird.com/flows/invocations/webhooks/95579c7a-3333-4007-a097-5bfbc80cd363?identifier=john@doe.com&token=840511" ``` Note that the **recipientEmailAddress** needs to match the (first's) recipient's email address.