In this article we learn how to configure 2FA using Authenticator app:

In our example we download Microsoft Authenticator app, but you can use any compatible Authenticator app (Google Authenticator, 1Password, etc.):

Now we have Microsoft Authenticator app installed. Again, our next step would be to generate “secret” information and assign it to our account id. Don’t forget to subscribe to the API.

We will be using /new_v2/ endpoint. Create a /new_v2/ request in Postman and provide url and X-Rapidapi-Key for authorization (your X-Rapidapi-Key is visible here: https://rapidapi.com/chdan/api/microsoft-authenticator). No additional parameters needed.

After successful execution of the /new_v2/ endpoint you’ll see your new secret value:

Make sure your are getting 200 response and execute POST requests.

Save this secret value, add “account”, “issuer” and “printQR” into our next /enroll/ endpoint. After successful execution of /enroll/ service you will get the QR code, which your users could add into Microsoft Authenticator app:

(nb! in previous versions without printQR=X you have been receiving links to 3rd party web sites. Please use the option printQR=X to avoid dependency on 3rd party services)

Use “Scan a QR code” button in Microsoft Authenticator (first push “+” button):

Done! After we synced Microsoft Authenticator app with your server’s secret, Microsoft Authenticator app starts generating time-based one-time passwords (TOTP):

Now we can validate one-time passwords (TOTP) on our end using /validate/ service:

“True” value indicates a correct entry. After 60 seconds the same request would return “False” value.