Start TOTP setup

curl --request POST \
  --url https://org-api.hexoforge.dev/api/v1/pub/{project_id}/auth/totp/setup \
  --header 'X-API-Key: <api-key>'

{
  "secret": "<string>",
  "uri": "<string>"
}

POST

api

pub

{project_id}

auth

totp

setup

Start TOTP setup

curl --request POST \
  --url https://org-api.hexoforge.dev/api/v1/pub/{project_id}/auth/totp/setup \
  --header 'X-API-Key: <api-key>'

{
  "secret": "<string>",
  "uri": "<string>"
}

Creates a TOTP secret in a pending state. Requires X-API-Key and Bearer access token.

Send both X-API-Key and Authorization: Bearer. Complete setup with Verify TOTP setup within 5 minutes.

Response

200 OK

{
  "secret": "JBSWY3DPEHPK3PXP",
  "uri": "otpauth://totp/MyApp:user@example.com?secret=JBSWY3DPEHPK3PXP&issuer=MyApp"
}

secret

string

Base32 secret for manual entry.

uri

string

otpauth URI for QR apps.

Code	Meaning
200	Secret generated (pending verification)
400	TOTP already enabled
401	Invalid token
403	TOTP disabled for project, IP blocked, or firewall deny

⌘I