SMS messages are only working for one specific phone number (+16508042454), while other numbers (+16693223469) don't receive messages, even though the API reports "success".
- Environment Variables: All Twilio environment variables show as "NOT_SET" in our diagnostic
- API Behavior: SMS API calls return "success" for both numbers
- Actual Delivery: Only one number receives messages
This behavior is classic Twilio trial account limitation:
- Verified Numbers Only: Trial accounts can only send SMS to phone numbers that have been explicitly verified
- API Success: Twilio API will return "success" even for unverified numbers
- Silent Failure: Messages to unverified numbers are silently dropped
- No Error Indication: The application has no way to know the message wasn't delivered
The fact that SMS works at all (despite environment variables being NOT_SET) indicates:
- Supabase Project-Level Configuration: SMS is configured directly in Supabase dashboard, not via environment variables
- Working Integration: The Twilio integration is functional
- Delivery Restriction: The issue is at the Twilio account level, not code level
- Log into Twilio Console
- Go to Phone Numbers → Manage → Verified Caller IDs
- Click Add a new number
- Add
+16693223469and any other test numbers - Complete the verification process for each number
- Log into Twilio Console
- Go to Account → Billing
- Add payment method and upgrade from trial to paid account
- This removes the verified number restriction
- SMS will work for any valid phone number
Even though SMS works, the environment variables should be properly configured:
-
Check Current Supabase Configuration:
- Log into Supabase Dashboard
- Go to Authentication → Settings → SMS
- Note the current Twilio configuration
-
Update .env File (use the same values from Supabase dashboard):
# Add these to your .env file PROJECT_REF=your-supabase-project-ref SUPABASE_ACCESS_TOKEN=your-access-token TWILIO_ACCOUNT_SID=your-twilio-account-sid TWILIO_AUTH_TOKEN=your-twilio-auth-token TWILIO_PHONE_NUMBER=your-twilio-phone-number -
Run Configuration Script:
./scripts/supabase-twilio.sh
After implementing solutions, test both numbers:
# Test first number
curl -X POST http://localhost:8080/api/auth/send-sms \
-H "Content-Type: application/json" \
-d '{"phoneNumber":"+16508042454"}'
# Test second number
curl -X POST http://localhost:8080/api/auth/send-sms \
-H "Content-Type: application/json" \
-d '{"phoneNumber":"+16693223469"}'- Go to Twilio Console
- Navigate to Monitor → Logs → Messaging
- Look for recent SMS attempts
- Check delivery status for both numbers
- Both numbers should receive SMS messages
- API will continue to return "success"
- Twilio logs will show "delivered" status
- Any valid phone number will receive SMS messages
- No need to pre-verify numbers
- Full SMS functionality for production use
Consider implementing:
- Twilio Webhook Integration: Get delivery status callbacks
- SMS Delivery Monitoring: Track actual delivery vs. API success
- Account Limit Monitoring: Alert when approaching trial limits
Update your deployment documentation to include:
- Twilio account requirements
- Environment variable setup
- SMS testing procedures
The diagnostic tool checks process.env variables, but Supabase can be configured via:
- Dashboard Configuration: Direct setup in Supabase UI
- Management API: Using scripts like
supabase-twilio.sh - Environment Variables: Runtime configuration (what we're checking)
Your setup uses dashboard/API configuration, which is why environment variables appear unset but SMS still works.
- Application →
supabase.auth.signInWithOtp() - Supabase → Uses configured Twilio credentials
- Twilio → Sends SMS (or silently drops for unverified numbers)
- Response → Always returns "success" to Supabase
- Supabase → Returns "success" to application
The issue occurs at step 3, where Twilio silently drops messages to unverified numbers in trial accounts.