Profil développeur chdan

chdan / chdan

Creating innovative services for the better world

Generate and validate time-based one-time passwords (TOTP) for your second factor authentication (2FA) scenario using Microsoft Authenticator app

Generate and validate time-based one-time passwords (TOTP) for second factor authentication (2FA) procedure

9.6

316 ms

100%

		Title	Created at (Click to sort ascending)
A	2	Hello Parkeranu, could it be that you had entered issuer=TestIssuer during the /enroll/ step? ![](https://drive.google.com/u/0/uc?id=1zrWkoVIopRhEUascZGDExJynwJEtJVm9&export=download) Best wishes, Daniil	jue. 6:08 5/1/23
A	1	Hello dlogvinkir! Sorry, I didn't get that, what does it mean "hosting resumés"? Can you please clarify	dom. 6:41 31/7/22
A	2	Hello @arpitdalalm! With the newly available v2 version of this API the enroll endpoint requires a POST request instead of GET request with the secret string passed via form-data body. This way sensitive information won't be visible to 3rd parties and remain secret at transit. Regarding the QR codes, we assume that the responses are encrypted via https and end users use trusted networks to open their auto-generated links (there is also an option to enter secret codes manually if this is not the case), we do however work on a possibility to return QR codes in alternative formats. Again many thanks for reporting this finding	mar. 8:12 14/6/22
A	2	Hello @arpitdalalm! With the newly available v2 version of this API the enroll endpoint requires a POST request instead of GET request with the secret string passed via form-data body. This way sensitive information won't be visible to 3rd parties and remain secret at transit. Regarding the QR codes, we assume that the responses are encrypted via https and end users use trusted networks to open their auto-generated links (there is also an option to enter secret codes manually if this is not the case), we do however work on a possibility to return QR codes in alternative formats. Again many thanks for reporting this finding	mar. 8:12 14/6/22
A	1	Hello Carrotsgalaxy, thanks for this valuable comment! I've added "new_v2" endpoint, which returns secret values only without any additional texting. The /new/ endpoint shall be kept as is for the backward compatibility Hope this helps!	sáb. 3:57 1/1/22

chdan / chdan

Discussions