Hi
I followed below link trying to register new TOTP token with 2 steps enrollment
https://privacyidea.readthedocs.io/en/latest/modules/api/token.html#post--token-init
1st call was like this
HttpResponse response = Unirest.post(“https://{URL}/token/init?realm=defrealm&genkey=1&type=totp&user={username}&2stepinit=1”)
.header(“Authorization”, “{token}”)
.asString();
I got a respond 200 and token including base64 image. I use Google Authenticator to scan the QR code.
Then, user has enter the code back getting from Client/App.
So I use /validate/check
to validate if the code correct before calling 2nd step to enroll the token.
If success with matching token, I register 2nd step with the following
HttpResponse response = Unirest.post(“https://{URL}/token/init?type=totp&serial={serial got from 1st called}&otpkey={code from client app}”)
.header(“Authorization”, “{token}”)
.asString();
I get 200 respond but I cannot login with that code from client app.
If I use /validate/check
to validate code from client app; it’s not matching anymore. respond with 200 but “wrong otp value”.
Anything I did wrong here?
Thanks!!