Two-Factor Authentication

Two-Factor Authentication

TOTP-based 2FA compatible with Google Authenticator, Authy, and other authenticator apps.

Base URL

/api/v1/2fa
POST/setupAuth
Generate 2FA secret and QR code
POST/enableAuth
Enable 2FA with TOTP code
{
  "token": "string (6-digit TOTP)"
}
POST/disableAuth
Disable 2FA
{
  "token": "string"
}
POST/verifyAuth
Verify 2FA during login
{
  "token": "string"
}
GET/statusAuth
Get current 2FA status
POST/backup-codes/regenerateAuth
Regenerate backup codes
{
  "token": "string"
}

Setup Flow

1Call /setup to get QR code and secret
2Scan QR code with authenticator app
3Call /enable with generated TOTP to activate
4Save the 10 backup codes securely