BlocksTokens & Crypto
Generate TOTP Secret
Setup two-factor authentication by creating a secret key and a QR code URI.
The Generate TOTP Secret block is the first step in setting up Two-Factor Authentication (2FA). It creates a unique secret key for a user and a special URI that can be used to generate a QR code for authenticator apps.
Configuration
| Field | Required | Description |
|---|---|---|
| Issuer (App Name) | ✅ | The name of your service as it will appear in the user's authenticator app (e.g., MySaaS). |
| Account Name | ✅ | Usually the user's email or username (e.g., [email protected]). |
| Output Variable | ✅ | The variable to store the generated data object. |
User Experience
After generating the secret, you should display the uri as a QR code and ask the user to save the secret securely in your database.
Error Handling
ISSUER_MISSING— Triggered when the Issuer field is empty.ACCOUNT_MISSING— Triggered when the Account Name field is empty.RUNTIME_ERROR— Triggered if the generation process fails.
Example: Starting 2FA Setup
- Issuer (App Name): Enter
FluxyAPI. - Account Name: Enter
{user.email}. - Output Variable: Enter
new_2fa. - Result: The variable
{new_2fa}will contain:{ "secret": "JBSWY3DPEHPK3PXP", "uri": "otpauth://totp/FluxyAPI:[email protected]?secret=JBSWY3DPEHPK3PXP&issuer=FluxyAPI" }
Save {new_2fa.secret} to the user's profile in your database and use {new_2fa.uri} with a Generate QR Code block to show it to the user.
