B2B Saas Authentication
/
API reference
/
Multi-Factor Authentication (MFA)
/
Time-based one-time passcodes
/
Create TOTP
Create a new TOTP instance for a Member. The Member can use the authenticator application of their choice to scan the QR code or enter the secret.
Passing an intermediate session token, session token, or session JWT is not required, but if passed must match the Member ID passed.
curl --request POST \
--url https://test.stytch.com/v1/b2b/totp \
-u 'PROJECT_ID:SECRET' \
-H 'Content-Type: application/json' \
-d '{
"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f"
}'{
"member": {
"email_address": "sandbox@stytch.com",
"email_address_verified": false,
"is_breakglass": false,
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"member_password_id": "member-password-test-2aaf4...",
"mfa_enrolled": false,
"mfa_phone_number": "",
"mfa_phone_number_verified": false,
"name": "",
"oauth_registrations": [],
"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
"sso_registrations": [],
"scim_registration": [],
"status": "pending",
"trusted_metadata": {},
"untrusted_metadata": {}
},
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"organization": {...},
"secret": "BTGNX5RKJRMQWQFRQKTG34JCF6XDRHZS",
"totp_registration_id": "member-totp-test-41920359-8bbb-4fe8-8fa3-aaa83f35f02c",
"qr_code": "data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAMgAAADIEAAAAADYoy0BAAAG8ElEQVR...8EAAD//7dQP/5Y00bRAAAAAElFTkSuQmCC",
"recovery_codes": "[
"ckss-2skx-ebow",
"spbc-424h-usy0",
"hi08-n5tk-lns5",
"1n6i-l5na-8axe",
"aduj-eufq-w6yy",
"i4l3-dxyt-urmx",
"ayyi-utb0-gj0s",
"lz0m-02bi-psbx",
"l2qm-zrk1-8ujs",
"c2qd-k7m4-ifmc"
]",
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"status_code": 200
}