Generate TOTP

This topic describes how to generate a time-based one-time passcode (TOTP). Complete this step if you want end users to use TOTP. If you are using the SecureAuth® Identity Platform MFA methods push-to-accept, symbol-to-accept, or biometric, see "Receive push notification" and "Reply to push notification." The following items apply to generating TOTPs:

  • To support the TOTP option from the Identity Platform, your app needs to generate TOTP and display the results.

  • End users must enroll their device by using a QR code or URL before using this option.

  • SecureAuth uses standard, OATH TOTP-compliant 2FA.

In this workflow, end users with enrolled devices attempt to access a secure resource. Their app will generate a TOTP whether or not they have internet connection. This is a good option when end users might not be connected to the internet when they need to authenticate.

The following code sets up this feature.

...
let model = AccountsViewModel(secureAuth.accountStore)

// This will load the accounts to the model.accounts array and returns // an Observable<[Account]>
model.loadAccounts()
	.subscribe(onNext: { accounts in
	  // Use accounts as appropriate
	}, onError: { error in
	  // Present appropriate error
})
.disposed(by: disposeBag)

...
// Grab an account from the array for use and call generateTOTP()
let totp = account.generateTOTP()