To provide branded, personalized identity verification experiences for external users, create an Apex handler to send one-time passwords (OTPs) via an SMS messaging provider of your choice. Customize the content of the message and the short code that tells users who sent it. Use the handler to send OTPs for any Experience Cloud identity verification use case, such as multi-factor authentication (MFA) and passwordless login.
Where: These changes apply to LWR, Aura, and Visualforce sites accessed through Lightning Experience and Salesforce Classic in Enterprise, Unlimited, and Developer editions.
Why: For Experience Cloud sites, use a custom OTP provider for any identity verification use case that uses SMS, such as MFA, passwordless login and registration, self-registration with SMS, and device activation.
For headless apps, use a custom OTP provider to send SMS messages during the headless forgot password, passwordless login, and registration flows.
How: Create a custom one-time password delivery handler Apex class. From your Experience Cloud Login & Registration settings, in the Customized OTP Delivery section, select your Apex handler class.
To opt in to this feature, contact your Salesforce account executive. Opting in to this feature affects all Experience Cloud sites. To avoid disruptions, enable the Apex handler for all sites.