Consumer Authentication

/

Frontend SDKs

/

Headless

/

Time-Based One-Time Passcodes (TOTP)

/

Create

Create

Wraps Stytch's Create endpoint. Call this method to create a new TOTP instance for a user. The user can use the authenticator application of their choice to scan the QR code or enter the secret.

Wraps Stytch's Create endpoint. Call this method to create a new TOTP instance for a user. The user can use the authenticator application of their choice to scan the QR code or enter the secret.

You can listen for successful user updates anywhere in the codebase with the stytch.user.onChange() method or useStytchUser() hook if you are using React.

Note: If a user has enrolled another MFA method, this method will require MFA. See the Multi-factor Authentication section for more details.

Method parameters

expiration_minutesint

Response fields

request_idstring
status_codeint
secretSecret
totp_idstring
qr_codestring
recovery_codesarray[strings]
user_idstring
userobject
import { useCallback } from 'react';
import { useStytch } from '@stytch/react';

export const Login = () => {
  const stytch = useStytch();

  const trigger = useCallback(() => {
    stytch.totps.create({ expiration_minutes: 60 });
  }, [stytch]);

  return <button onClick={trigger}>Create TOTP</button>;
};

RESPONSE

200
{
    "status_code": 200,
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
    "secret": "BTGNX5RKJRMQWQFRQKTG34JCF6XDRHZS",
    "totp_id": "totp-test-41920359-8bbb-4fe8-8fa3-aaa83f35f02c",
    "qr_code": "data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAMgAAADIEAAAAADYoy0BAAAG8ElEQVR...8EAAD//7dQP/5Y00bRAAAAAElFTkSuQmCC",
    "recovery_codes": [
      "ckss-2skx-ebow",
      "spbc-424h-usy0",
      "hi08-n5tk-lns5",
      "1n6i-l5na-8axe",
      "aduj-eufq-w6yy",
      "i4l3-dxyt-urmx",
      "ayyi-utb0-gj0s",
      "lz0m-02bi-psbx",
      "l2qm-zrk1-8ujs",
      "c2qd-k7m4-ifmc"
    ],
    "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6",
    "user": {...},
  }