Generate a Secret

This API is used to generate a new multi-factor secret for use when enabling multi-factor authentication for a User. This is provided as a helper to assist you in enabling multi-factor authentication.

If this secret will be used with a QR code to allow the User to scan the value, use the Base32 encoded value returned in the response.

Request#

API Key Authentication
Generate a multi-factor Secret
GET/api/two-factor/secret
OpenAPI Spec
JWT Authentication
Generate a multi-factor Secret
GET/api/two-factor/secret
OpenAPI Spec

Response#

The response for this API contains a Multi-Factor secret suitable for an authenticator like Google Authenticator.

Response Codes
CodeDescription
200The request was successful. The response will contain a JSON body.
401You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.
503The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

Response Body#

secretString

A Base64 encoded secret that may be used to enable Multi-Factor authentication.

secretBase32EncodedString

A Base32 encoded form of the provided secret. This is useful if you need to provide a QR code to the User to enable Multi-Factor authentication.

Example Response JSON

{
  "secret": "8MJJfCY4ERBtotvenSc3",
  "secretBase32Encoded": "HBGUUSTGINMTIRKSIJ2G65DWMVXFGYZT"
}