Generate a Secret
This API is used to generate a new multi-factor secret for use when enabling multi-factor authentication for a User. This is provided as a helper to assist you in enabling multi-factor authentication.
If this secret will be used with a QR code to allow the User to scan the value, use the Base32 encoded value returned in the response.
Request#
GET/api/two-factor/secret
OpenAPI Spec
GET/api/two-factor/secret
OpenAPI Spec
Response#
The response for this API contains a Multi-Factor secret suitable for an authenticator like Google Authenticator.
Response Codes| Code | Description |
|---|---|
| 200 | The request was successful. The response will contain a JSON body. |
| 401 | You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication. |
| 500 | There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty. |
| 503 | The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body. |
Response Body#
secretStringA Base64 encoded secret that may be used to enable Multi-Factor authentication.
secretBase32EncodedStringA Base32 encoded form of the provided secret. This is useful if you need to provide a QR code to the User to enable Multi-Factor authentication.
Example Response JSON
{
"secret": "8MJJfCY4ERBtotvenSc3",
"secretBase32Encoded": "HBGUUSTGINMTIRKSIJ2G65DWMVXFGYZT"
}