The mobile connect sandbox is a complete simulation of a mobile connect ecosystem which can be used to accelerate development of applications which leverage mobile connect. The sandbox provides a discovery service and 9 mobile operators with varying combinations of mobile connect support and error conditions to allow full testing of an application.

The sandbox can be used with any application created through the mobile connect developer portal, regardless of its promotion status.


Sandbox Quick Start

1. Prerequisites

In order to get started with the sandbox, several things are needed:

  1. A Developer Portal account
  2. A Mobile Connect application created on the developer portal
  3. A MSISDN (phone number) which can receive text messages, set up in My Test Numbers.
  4. Your test code or an SDK sample

The following sections cover these in more detail.

Developer portal account

Please create your developer portal account here, or login if you already have one.

Mobile Connect application

Applications for the sandbox are set up through the Developer Portal in the same way that applications are set up for live use.

  1. Visit My Apps
  2. Create a new application, or select an existing one.
  3. You will now see a page containing the access details of that application that can be used for the discovery service on the sandbox. A successful discovery request will return keys which can be used for authentication as well as the 'subscriber_id' (the encrypted MSISDN). The R2 SDK’s will handle all of this automatically.


Whilst Mobile Connect on live systems may use one of several authenticators, the sandbox is limited to only using SMS. You will need a device set up which is able to receive SMS messages.

Please ensure that you set MSISDN for use with the Mobile Connect sandbox by entering it on the My Test Numbers page of the developer portal. Please select Operator­ A when making Mobile Connect Profile v1.1 requests.

Up to 5 test numbers can be configured. To configure test numbers, visit My Test Numbers and enter numbers starting with a ‘+’ and the Country Code.

The MSISDN’s entered here will work with any of the applications configured on your account.

NOTE: The SMS service does not work in all countries. In these countries please use the passthrough numbers listed below.

Countries with known SMS issues

  • India
  • Nigeria
  • Pakistan
  • Brazil

Your Code

Your code should be an app which you’ve integrated with Mobile Connect using one of the SDK’s. You can use the example applications available in the SDK section.

2. Get configuration

In My Apps select the application you wish to test in the sandbox. The application details page shows the client_key, client_secret along with the discovery endpoint which you need when using the sandbox.

The details of how to configure the particular SDK you are using can be found in the documentation for that SDK.

3. Run auth request

You’re now ready to test your application against the sandbox. Ensure that your test number is entered on the My Test Numbers page of the developer portal.

When you have made successful test call to the operator gateway, take a look at Sandbox test operators to get a better understanding of what each test operator can be used for.

If running a discovery request without entering the MSISDN programmatically, a web page such as the following should display allowing a user to enter a the test MSISDN (Other MSISDN’s will fail):


Testing with the Sandbox

The sandbox allows testing of virtually all features of Mobile Connect in a safe environment. Some key things which you may want to test on your integration are:

Normal Authentication

All normal authentication requests can be carried out.

Pin Entry (LOA3)

It’s possible to test the application which ask for a pin confirmation. On the sandbox the pin number is set to 1111.

Repeat logins

The sandbox will return the same PCR each time a successful login is completed. The PCR is globally unique based on the MSISDN, Application and Operator triple, which means that the same number will appear to be different users as the operator is changed in the developer portal.

Passthrough MSISDNs

To increase testing speed we have configured a set of 'passthrough' MSISDNs that you can use to automatically simulate the authentication step without needing an authentication device. Using these MSISDNs will automatically complete the authentication step, as if an end-user has received a notification and then authenticated themselves. The Passthrough MSISDNs can be seen on the Operator table below.


As with real operators each of the sandbox operator has an MNC & MCC, using these attributes will return details of the appropriate operator. The MNC/MCC values can be seen on the Operator table below.


As with real operators each of the sandbox operator has an IP address, using this IP address with the X-Source-IP parameter will return details of the appropriate operator.

Sandbox test operators

There are 2 simulated mobile operators on the sandbox platform. Of these, some perform different roles. The following table explains the purpose of each of them:

Operator Description MCC MNC X-Source-IP Passthrough MSISDN
Operator­ A Only supports Mobile Connect Profile v1.1 (Authentication) 901 01 +447700900901
Operator­ G Supports Mobile Connect Profile v2.0, with Mobile Connect Identity 907 07 +447700900907

Ordinarily it’s suggested that Operator­ A is used for Mobile Connect Profile v1.1 applications and Operator G is used for all other functionality.