<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Public API Not Available for Retrieving Okta Verify TOTP Codes

Last Updated:

Okta Classic Engine
Okta Identity Engine
Devices and Mobility

Overview

This article explains that a public Application Programming Interface (API) cannot directly retrieve a generated Time-based One-Time Password (TOTP) from an Okta Verify enrollment.

Applies To

  • Okta Verify
  • API
  • Time-based One-Time Password (TOTP)

Solution

A public API is not provided to directly retrieve the generated TOTP code from an Okta Verify enrollment. This is an intentional security measure to prevent the automated bypass of the second authentication factor.

 

Okta Verify is designed for individual user authentication, where a One-Time Password (OTP) is generated on a trusted device. Automating the retrieval of this code or the underlying secret key via an API would undermine this security design.

Recommended content

Still looking for help?
Loading
Okta Support - Public API Not Available for Retrieving Okta Verify TOTP Codes