We are struggling with a SSPR 4.4.0.0 b306 r39665 test appliance with the perspective to replace our two password reset services presently in use. Unfortunately, we didn't find the documentation overly exhaustive.
One of our goals is to use SMS verification (exclusively) as method to allow users to reset their forgotten password. While after numerous trials and errors we've discovered a way to get SSPR to send SMS messages via our SMS gateway pressing the "Test SMS settings" button, we continue to be presented with a "5036
This holds, no matter whether we are using "@LDAP:customAttrSMS@" (successfully expanded to the user's SMS number when tested in the SSPR configuration editor) or "%TO%" (lacking precise information we are assuming "%TO%" gets populated from the attribute "telephoneNumber").
The configuration lines coming to my mind state
<setting key="recovery.verificationMethods" syntax="VERIFICATION_METHOD" profile="default" syntaxVersion="0" modifyTime="2020-03-03T14:29:20Z" modifyUser="default|cn=xxx">
<label>Verification Methods</label>
<value><![CDATA[{"methodSettings":{"PREVIOUS_AUTH":{"enabledState":"disabled"},"ATTRIBUTES":{"enabledState":"disabled"},"CHALLENGE_RESPONSES":{"enabledState":"disabled"},"TOKEN":{"enabledState":"required"},"OTP":{"enabledState":"disabled"},"REMOTE_RESPONSES":{"enabledState":"disabled"},"OAUTH":{"enabledState":"disabled"},"null":{"enabledState":"disabled"}},"minOptionalRequired":0}]]></value>
</setting>
<setting key="challenge.token.sendMethod" syntax="SELECT" profile="default" syntaxVersion="0" modifyTime="2020-02-26T11:32:19Z" modifyUser="default|cn=xxx">
<label>Token Send Method</label>
<value><![CDATA[SMSONLY]]></value>
</setting>
Since we are new to SSPR we may have overlooked some essential setting, but searching the available documentation didn't help so far. So any hints by more experienced SSPR users would be welcome.