To trigger Ory Kratos to send phone verification, you need to follow these steps: 1. Configure your identity schema to include a phone number trait that is marked as verifiable. Here's an example of how to define such a trait in the identity schema:

json {   "properties": {     "traits": {       "type": "object",       "properties": {         "phone": {           "type": "string",           "title": "Phone number",           "format": "tel",           "<http://ory.sh/kratos|ory.sh/kratos>": {             "verification": {               "via": "sms"             }           }         }       }     }   } }

This configuration marks the phone number as verifiable via SMS [Identity schema extensions](https://www.ory.sh/docs/kratos/manage-identities/customize-identity-schema#verification-address). 2. Ensure you have configured an SMS channel in your Ory configuration. You'll need to set up a custom SMS sender, as Ory sends the verification code and other metadata to a webhook of your choice. For more details on this, refer to the [SMS documentation](https://www.ory.sh/docs/kratos/mfa/mfa-via-sms#integration). 3. To initiate the verification process, you need to send a POST request to the

/self-service/verification

endpoint. Here's an example using cURL for a browser flow:

sh curl -X POST \     -H 'Content-Type: application/json' \     -H 'Accept: application/json' \     -b cookies.txt \     -d '{"method":"code","phone":"<phone_number>","csrf_token":"your-csrf-token"}' \     "https://$<http://PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=<your-flow-id|PROJECT_SLUG.projects.oryapis.com/self-service/verification?flow=<your-flow-id>>"

Note that you should replace

<phone_number>

with the actual phone number,

your-csrf-token

with the CSRF token, and

<your-flow-id>

with the appropriate flow ID [Submit verification flow](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-basic-integration#submit-verification-flow). Remember that the verification flow might have a second submit step if the recovery method is set to

code

. In this case, the user will need to submit the received code in a subsequent step. Make sure you have properly set up your SMS delivery provider to ensure reliable delivery of verification codes.

To set the expiration time for verification via SMS in Ory Kratos, you can configure it in the identity configuration. Here's how you can do it: 1. First, you need to access your Ory Identities configuration. You can do this using the Ory CLI:

ory get identity-config --project <project-id> --workspace <workspace-id> --format yaml > identity-config.yaml

2. Open the

identity-config.yaml

file and add or modify the configuration for the verification flow. You can set the

lifespan

parameter to define how long the verification code is valid. Here's an example:

yaml selfservice:   methods:     code:       enabled: true       config:         lifespan: 15m  # This sets the verification code lifespan to 15 minutes    flows:     verification:       use: code  # This specifies that we're using the code method (for SMS)       enabled: true       lifespan: 15m  # This sets the overall verification flow lifespan to 15 minutes

3. After making these changes, update your Ory Identities configuration using the CLI:

ory update identity-config --project <project-id> --workspace <workspace-id> --file identity-config.yaml

In this configuration,

lifespan: 15m

sets the expiration time to 15 minutes. You can adjust this value as needed, using formats like

30m

for 30 minutes or

1h

for one hour. Note that there are two

lifespan

settings: - The one under

methods.code.config

defines how long the verification code itself is valid. - The one under

flows.verification

defines how long the entire verification flow (the UI interaction) is valid. You can set these to different values if needed, but typically they would be the same or the flow lifespan would be longer than the code lifespan. [Source: Kratos Self-service Flows Verify Email Account Activation Configuration](https://www.ory.sh/docs/kratos/self-service/flows/verify-email-account-activation#configuration) Remember to configure your SMS channel properly to ensure the verification messages are sent correctly. If you need help with SMS configuration, you can refer to the [SMS documentation](https://www.ory.sh/docs/kratos/emails-sms/sending-sms).