Send OTP using Flows

A flow is the part of Salesforce Flow that collects data and performs actions in your Salesforce org or an external system. Nowadays flows are superseding across all other automations in Salesforce. Flows come with great flexibility and ability to perform many operations including the autolaunching ability to be able to run independently on some triggering event. To know more on flows and their types please click here.

Since our main focus is on how to authenticate a user using OTP, let's concentrate on that. Though salesforce provides inbuilt mechanism to cater for the OTP authentication for its internal and external users using Salesforce MFA, there might be scenarios where we are neither Salesforce internal nor external users. Simply saying, what if we have a portal/public community where the users come, here users refer to person accounts/contacts in salesforce, and if we want to authenticate the end users identity by sending and capturing the OTP. This verification can be of two types:

1. OTP verification using SMS
2. OTP verification using Email

We will see how the OTP verification can take place using Email and the same can then be extended to OTP verification for SMS. In this blog we will focus on how to send OTP using autolaunched flows. We will send OTP using Email only.

Implementation: 

We will build a flow solution which will take input as Contact Record Id and send the OTP to the Mail Id registered with the Contact Record.

1. Create an Apex Class named OTPGenerator: This class implements the Process.Plugin interface which makes OTPGenerator visible to flows action.

   public class OTPGenerator implements Process.Plugin {    
       public Process.PluginResult invoke(Process.PluginRequest request){   
           Map<String, Object> result = new Map<String, Object>();  
           String randomIntegerString = string.valueof(Math.abs(Crypto.getRandomInteger()));
           String otp = randomIntegerString.substring(0,6);
           result.put('OTP', otp);
           return new Process.PluginResult(result);
       }
    
       public Process.PluginDescribeResult describe() {
           Process.PluginDescribeResult result = new Process.PluginDescribeResult();
           result.description = 'This plug-in generates a radnom 6-digits code';
           result.tag = 'Identity';
           result.inputParameters = new List<Process.PluginDescribeResult.InputParameter> {};
           result.outputParameters = new List<Process.PluginDescribeResult.OutputParameter> {
               new Process.PluginDescribeResult.OutputParameter('OTP',
               Process.PluginDescribeResult.ParameterType.STRING)
           };  
           return result;
       }
   }

2. Create an Autolaunched Flow: 
• Go to Setup → Flows and create a new autolaunched flow as below

• Select Freeform style and this will open the flow builder canvas. Go to Manager as shown below
  

• Create two new resources recordId and OTP as shown below
• Create recordId variable:
  

  

  recordId

  
  
• Create OTP variable:
  

  

  OTP

• Now go to Elements and drag-drop Get Records on the flow builder canvas and complete the mandatory fields.
  
• Label: Get Contact Record
• Object: Contact
• Filter Condition: Id equals recordId
  
  
  
• Drag-drop the Action from Elements to flow builder canvas to generate and store the OTP
• Filter By: Type
• Apex Action(Legacy)
• Action: OTPGenerator
• Label: Generate OTP for verification
• Store Output Values: OTP
  
• Drag-drop Action again on the flow builder canvas and select following to send the generated OTP via mail.
  

Now all you need is to connect the different elements together. Finally save and activate your flow and your final flow will look like below.

Demo:

Since we are all done with our flow creation and activated it, let's try to run our flow to test how the OTP is generated and sent out to Contact Mail address.

In my upcoming blog, we will see how to use this OTP for verification. Stay tuned for my next blog as that will be more exciting since we will see the OTP verification in Einstein Bots.

← OTP Verification in Einstein BotsLifecycle Hooks in LWC →

If you like this blog content and find inciteful, please comment and let me know.