Introduction

TOTP API enables administrators to manage the TOTP secrets of the users. With TOTP API it's possible to manage the secrets for users in other types of directories in addition to Ubilogin Directory.

The API calls available are:

• PUT /totp/api/v1/methods/{method} - Configures the TOTP method for a user
• DELETE /totp/api/v1/methods/{method} - Deletes the TOTP method from a user
  
• GET /totp/api/v1/methods/{method} - Gets the TOTP method status for a user
  

API documentation

TOTP API is documented using Swagger. In order to access the API specification, you can enable the API documentation as instructed in TOTP API configuration chapter Enable API documentation. Documentation is accessible in https://<sso-base-url>/totp/swagger-ui/ and it defines the endpoints, payloads, and responses. You can also use the Swagger UI to test the API.

Testing the API with the documentation webpage

The Swagger UI has a feature for trying out the different endpoints. A valid access token is required in order to call the endpoints. See TOTP API configuration chapter Verify the API works for instructions on acquiring an access token.

In order to provide an access token to be used in the API calls, click the following button

and write Bearer followed by an access token in the input field and click Authorize.

After this you can try the different endpoints.

Related content

• Page:
  TOTP Authentication Method
• Page:
  TOTP API configuration - SSO
• Page:
  TOTP API - SSO