
2FA by phone should be dead. SMS is insecure and I've deprecated it for all forms of communication with me. I use virtual numbers for all websites and banks that have stupid forced phone 2FA, including Facebook.


Sounds like a good idea. Virtual numbers from where?


Twilio is a good place to start and has a pretty feature-complete API. There are other alternatives as well.

Do note that some services aren't able to send SMS to virtual numbers in the US, for some reason. If that happens, try again with a virtual number in the UK or somewhere else, or if there is a voice call confirmation option, that may also work for you, as you can redirect the call programmatically. Considering the phone numbers typically cost only $1/month each, you can keep a few around to deal with this situation.


There's token-based 2FA as well.


Yes, we know that. They were talking about 2FA over SMS.



