Send OTP verification messages through DataFlows SMS instead of Twilio or other providers. Perfect for Australian businesses looking for competitive SMS pricing.
- Phone authentication OTP delivery via DataFlows SMS API
- Webhook signature verification for security
- Customizable OTP message templates
- Support for Australian and international numbers
- A DataFlows account
- A Supabase project
- Supabase CLI installed
- Log in to your DataFlows dashboard
- Navigate to Developer > Settings
- Copy your API Token
- Note your Sender ID (alphanumeric name or virtual number)
# Clone or copy this integration to your Supabase project
cp -r supabase/functions/dataflows-sms-hook your-project/supabase/functions/
# Navigate to your project
cd your-project
# Set the required secrets
supabase secrets set DATAFLOWS_API_KEY=your_api_token_here
supabase secrets set DATAFLOWS_SENDER_ID=YourSenderID
# Deploy the function
supabase functions deploy dataflows-sms-hook- Go to your Supabase Dashboard
- Select your project
- Navigate to Authentication > Hooks
- Find Send SMS hook and click Edit
- Select HTTP Request as the hook type
- Enter your function URL:
https://<your-project-ref>.supabase.co/functions/v1/dataflows-sms-hook - Click Generate Secret and copy it
- Save the configuration
# Set the webhook secret (from step 3.7)
supabase secrets set SEND_SMS_HOOK_SECRET="v1,whsec_your_secret_here"
# Redeploy to apply the new secret
supabase functions deploy dataflows-sms-hook- In Supabase Dashboard, go to Authentication > Providers
- Enable Phone provider
- Select Hook as the SMS provider (not Twilio/MessageBird)
| Variable | Required | Description |
|---|---|---|
DATAFLOWS_API_KEY |
Yes | Your DataFlows API token |
DATAFLOWS_SENDER_ID |
Yes | Sender ID (alphanumeric or phone number) |
SEND_SMS_HOOK_SECRET |
Yes | Webhook secret from Supabase dashboard |
OTP_MESSAGE_TEMPLATE |
No | Custom message template (default: Your verification code is: {otp}) |
Set a custom OTP message:
supabase secrets set OTP_MESSAGE_TEMPLATE="Your MyApp code is: {otp}. Valid for 10 minutes."supabase startCreate a .env.local file:
DATAFLOWS_API_KEY=your_api_token
DATAFLOWS_SENDER_ID=YourSenderIDsupabase functions serve dataflows-sms-hook --env-file .env.localcurl -X POST http://localhost:54321/functions/v1/dataflows-sms-hook \
-H "Content-Type: application/json" \
-d '{
"user": {
"id": "test-user-id",
"phone": "+61412345678"
},
"sms": {
"otp": "123456"
}
}'import { createClient } from '@supabase/supabase-js'
const supabase = createClient(SUPABASE_URL, SUPABASE_ANON_KEY)
// Request OTP
const { error } = await supabase.auth.signInWithOtp({
phone: '+61412345678'
})
// Verify OTP
const { data, error } = await supabase.auth.verifyOtp({
phone: '+61412345678',
token: '123456',
type: 'sms'
})- Check function logs:
supabase functions logs dataflows-sms-hook - Verify your DataFlows API key is correct
- Ensure the phone number format includes country code (e.g.,
+61412345678) - Check your DataFlows SMS credit balance
- Ensure
SEND_SMS_HOOK_SECRETmatches the secret in Supabase Dashboard - The secret format should be
v1,whsec_<base64-secret>
- Ensure you have the latest Supabase CLI:
supabase update - Check your Supabase project is linked:
supabase link
| Provider | Cost per SMS (AU) |
|---|---|
| Twilio | ~$0.10 AUD |
| DataFlows | Contact for pricing |
- DataFlows: support@dataflows.com.au
- Website: https://dataflows.com.au
- Documentation: https://sms.dataflows.com.au/developers/http-docs
MIT License - Feel free to use and modify for your projects.