Caller Authentication does not work using twilio provider

User687957 · ‎03-25-2026

Dear all,

I have setup an Assistant provider as twilio for testing voice agent.From the configuration below I have setup the KBA for caller identification through phone number and set the caller authentication as Auth App
When calling the voice agent number, I manage to get identified by phone number but the second step for Auth App authentication fails all time by typing correct number
I have also try as MPF to set the SoftPin first but same thing
I have the feeling that MFA did not work at all in such context

Any one have experience this issue and any idea how to solve ?

regards

pr8172510 · ‎03-26-2026

Hi,

What’s happening

Caller identification via phone number works fine, but Auth App / MFA (like OTP or push) does not always work reliably in Voice/IVR scenarios.

Reason:

MFA methods like Auth App are designed for interactive (UI) channels
In voice flows, there’s no native way to handle:
- Push approvals
- App-based verification
So the validation step often fails even if the input is correct

Why Soft PIN / MPF also fails sometimes

Even with Soft PIN:

Voice input (DTMF) handling can be inconsistent
Formatting or input timing can cause validation failure
Some MFA policies are not fully supported in Voice flows

What is supported / recommended

1. Use Voice-friendly authentication methods

For Voice Agent, stick to:

PIN-based authentication
Knowledge-based questions (KBA)
Phone number identification (ANI)

These are the most reliable.

2. Avoid Auth App for voice

Auth App (OTP / push) is:

Not designed for IVR flows
Not consistently supported via Twilio integration

3. Validate MFA configuration

Double-check:

MFA policy applied to users
Method allowed for API / non-interactive channels
Any restrictions on authentication context

4. Test outside Twilio

Try:

Same authentication via Web / Portal

If it works there but not in voice → confirms it’s a channel limitation

User687957 · ‎03-26-2026

hello @pr8172510 ,

Thanks for your reply, you mention that SoftPin and MFA does not work correctly with voice agent but from assistant designer and Authentication method you must select 2 manadantory things :
1- Caller identification ( enter phone number through key pad when configuring KBA)
2 - MFA by chosing either SoftPin or Auth App

So I have no choice to enter this MFA configuration as it is mandatory.
The configuration above is what I actually have.

Now my main point is how to make it work ?

Q1: I do not understand how to verify points below, can you guide or clarify ?

Double-check:

MFA policy applied to users
Method allowed for API / non-interactive channels
Any restrictions on authentication context

Q2 : Same authentication via Web / Portal
MFA works correctly on web portal and active

There should be something wired because I cannot imagine ServiceNow supporting Twilio integration and fails in MFA authentication process.
The difference with MFA in web portal or any other login is base it is based on a user session.
Talking about voice , if MFA is supported as SoftPin for exemple, I guess they should build behind the user session based on the Caller Identification

Q3 : What is the way to check in kind of log table, the data which is post when I enter the SoftPin from my mobile keypad ?

Stuck for now and finding someone here who already succeed seems to be hard

Hoping you can help

Paulsylo · 2 weeks ago

HI @User687957 - for me somehow this call Identification is not working , it i shows blank on my instance. i tried all steps given in the KB.

Regards,
PaulSylo

To be is to do. To do is to be.

User687957 · 2 weeks ago

Hello @Paulsylo , I manage to get it to work with help of Servicenow support.

The issue is a bug in ServiceNow authentication where it is not properly check the phone number format based on the format store in service now user table.

The bug has been reported to the team and in correction phase

regards