Enrolling and Activating Google Authenticator via API
Sep 29, 2025
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview
This article details how to enroll and activate Google Authenticator via API.
Applies To
- Multi-factor Authentication (MFA)
Solution
- Run API Call: Factors > Enroll Google Authenticator Factor. Please take note of the UserID and FactorID.
POST {{url}}/api/v1/users/{{userId}}/factors -
From the Output, scroll down to qrcode and click the href link.
- Hit Send.
The response body will contain a QR code that needs to be scanned by the authenticator application. This will register the profile.
- Activate Google Authenticator:
POST: {{url}}/api/v1/users/{{userID}}/factors/{{factorID}}/lifecycle/activate
Under Body request > go to Raw. Enter the 6-digit code from the authenticator application in place of the [Enter the Google Authenticator Random 6-digit code] or any other code present in that field:
{
"passCode": "[Enter Your Google Authenticator Random 6-digit code]"
} - Hit Send.
- Check the Okta System logs. The end user should now be enrolled with Google Authenticator.
It is also possible to check under the user's profile > More Actions > Reset Multifactor Option:
NOTE: If the Google PENDING_ACTIVATION response is not received, ensure that Google Authenticator has been added as a factor and that the end user is assigned to the group permitted to use Google Authenticator.
