3.2 KiB
3.2 KiB
OpenAI phone verification with 5sim SMS activation — 2026-05-10
Context
During a Codex2API OAuth onboarding run for BOSS, OpenAI registration/login reached https://auth.openai.com/add-phone after email verification. BOSS corrected that phone verification must use SMS receive channels, not WhatsApp. The original codex-oauth-automation-extension provider confirmed the right 5sim API shape:
GET https://5sim.net/v1/user/buy/activation/{country}/{operator}/openai
GET https://5sim.net/v1/user/check/{activationId}
GET https://5sim.net/v1/user/cancel/{activationId}
GET https://5sim.net/v1/user/finish/{activationId}
Use product=openai, operator=any unless configured otherwise. If FIVE_SIM_COUNTRY_ID is empty, the extension default is vietnam.
Learned workflow
- Cancel any current 5sim activation before switching proxy, country, or retry strategy.
- Follow configured country first; do not silently fall back to other countries unless BOSS approves or config changes.
- For non-USA numbers, select the OpenAI country selector with visible UI and verify DOM shows the expected country before buying/submitting a number.
- Prefer real UI paste/click for the phone page. CDP-only mutation of
input[type=tel]can desync React state: the visible country may later revert from越南 (+84)to美国 (+1)on submit. - If OpenAI returns
无法向此电话号码发送验证码。请稍后重试或使用其他号码。, classify it as a number/provider rejection. Cancel the activation and buy a new number in the same configured region. - If the page shows
电话号码无效。after non-USA submission, first verify the country selector did not revert to美国 (+1); this may be a selector-state problem, not a bad number. - When changing browser proxy, expect OpenAI auth session invalidation. Re-open OAuth from the target panel, then redo email login/code before returning to
add-phone. - Codex2API admin page URL may be stored as
/admin/accounts; derive API origin from the URL before calling/api/admin/oauth/generate-auth-url.
Observed proxy behavior
socks5://192.168.2.8:1085: OpenAIadd-phonereached; multiple Vietnam 5sim numbers rejected with无法向此电话号码发送验证码....socks5://192.168.2.8:1083: TCP and exit IP worked; raw curl to ChatGPT returned Cloudflare challenge 403, but real Chrome loaded OpenAI login. Session changed to你的会话已结束, requiring a fresh Codex2API OAuth URL and email code. A fresh Vietnam 5sim number was still rejected.
Practical checks
# Probe proxy with remote DNS
nc -vz -w 3 192.168.2.8 1083
curl --proxy socks5h://192.168.2.8:1083 --max-time 20 https://api.ipify.org
curl --proxy socks5h://192.168.2.8:1083 -I -L --max-time 30 https://chatgpt.com/ | sed -n '1,30p'
# Derive Codex2API API origin from env URL that may point at /admin/accounts
from urllib.parse import urlsplit
raw = CODEX2API_URL
u = urlsplit(raw)
origin = f'{u.scheme}://{u.netloc}' if u.scheme and u.netloc else raw.rstrip('/')
endpoint = origin + '/api/admin/oauth/generate-auth-url'
Do not leak
Do not print API keys, 5sim token, phone number, OAuth callback URL/code, account password, or admin key in final reports. Mask phone numbers and IDs if not needed.