Add One-Time-Password (OTP)

Add a new One-Time-Password (OTP) factor to the authenticated user. OTP is an authenticator app like Google/Microsoft Authenticator, Authy, etc. Only one OTP per user is allowed. After adding a new OTP it has to be verified.

application/json

Request Body required

• object

application/grpc

Request Body required

• object

application/grpc-web+proto

Request Body required

• object

Responses

• 200
• default

---

A successful response.

application/json

• Schema
• Example (from schema)

---

Schema

• url string
• secret string
• details object

  sequence uint64

  on read: the sequence of the last event reduced by the projection

  on manipulation: the timestamp of the event(s) added by the manipulation

  creationDate date-time

  on read: the timestamp of the first event of the object

  on create: the timestamp of the event(s) added by the manipulation

  changeDate date-time

  on read: the timestamp of the last event reduced by the projection

  on manipulation: the

  resourceOwner resource_owner is the organization an object belongs to

{
  "url": "otpauth://totp/ZITADEL:gigi@acme.zitadel.cloud?algorithm=SHA1&digits=6&issuer=ZITADEL&period=30&secret=TJOPWSDYILLHXFV4MLKNNJOWFG7VSDCK",
  "secret": "TJOPWSDYILLHXFV4MLKNNJOWFG7VSDCK",
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  }
}

application/grpc

• Schema
• Example (from schema)

---

Schema

• url string
• secret string
• details object

  sequence uint64

  on read: the sequence of the last event reduced by the projection

  on manipulation: the timestamp of the event(s) added by the manipulation

  creationDate date-time

  on read: the timestamp of the first event of the object

  on create: the timestamp of the event(s) added by the manipulation

  changeDate date-time

  on read: the timestamp of the last event reduced by the projection

  on manipulation: the

  resourceOwner resource_owner is the organization an object belongs to

{
  "url": "otpauth://totp/ZITADEL:gigi@acme.zitadel.cloud?algorithm=SHA1&digits=6&issuer=ZITADEL&period=30&secret=TJOPWSDYILLHXFV4MLKNNJOWFG7VSDCK",
  "secret": "TJOPWSDYILLHXFV4MLKNNJOWFG7VSDCK",
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  }
}

application/grpc-web+proto

• Schema
• Example (from schema)

---

Schema

• url string
• secret string
• details object

  sequence uint64

  on read: the sequence of the last event reduced by the projection

  on manipulation: the timestamp of the event(s) added by the manipulation

  creationDate date-time

  on read: the timestamp of the first event of the object

  on create: the timestamp of the event(s) added by the manipulation

  changeDate date-time

  on read: the timestamp of the last event reduced by the projection

  on manipulation: the

  resourceOwner resource_owner is the organization an object belongs to

{
  "url": "otpauth://totp/ZITADEL:gigi@acme.zitadel.cloud?algorithm=SHA1&digits=6&issuer=ZITADEL&period=30&secret=TJOPWSDYILLHXFV4MLKNNJOWFG7VSDCK",
  "secret": "TJOPWSDYILLHXFV4MLKNNJOWFG7VSDCK",
  "details": {
    "sequence": "2",
    "creationDate": "2023-05-10",
    "changeDate": "2023-05-10",
    "resourceOwner": "69629023906488334"
  }
}

An unexpected error response.

application/json

• Schema
• Example (from schema)

---

Schema

• code int32
• message string
• details object[]

  Array [

  @type string

  ]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

• Schema
• Example (from schema)

---

Schema

• code int32
• message string
• details object[]

  Array [

  @type string

  ]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

• Schema
• Example (from schema)

---

Schema

• code int32
• message string
• details object[]

  Array [

  @type string

  ]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

POST /users/me/auth_factors/otp

Authorization

type: oauth2flow: authorizationCodescopes: openid

Request

Base URL

https://$ZITADEL_DOMAIN/auth/v1

Bearer Token

Content-Type

application/jsonapplication/grpcapplication/grpc-web+proto

Body required

{}

Accept

application/jsonapplication/grpcapplication/grpc-web+proto

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'

curl -L -X POST 'https://$ZITADEL_DOMAIN/auth/v1/users/me/auth_factors/otp' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
--data-raw '{}'