Dear all,
I have a problem with authentication by OTP with a TOTP token. I don't know how to authenticate.
First, I create a new token by calling the API /token/init:
{
"genkey":1,
"description":"API gen token for NguyenHa user",
"user":"nguyenha",
"realm":"{{realm}}",
"type":"totp",
"tokenrealm":"otp-ldap",
"otplen":"6",
"2stepinit":1,
"issuer":"NH TOKEN",
"pin": "111111"
}
Then, I get the base64 image from the response and I use Google Authenticator to scan the QR code.
Next, I call the API /validate/check with the OTP from the Google Authenticator app:
{
"serial":"TOTP001009EC",
"user":"nguyenha",
"realm":"{{realm}}",
"otponly":1,
"pass":"111111897595"
}
But the response is:
"detail": {
"message": "OTP verification failed.",
"threadid": 139735676434176
},
I am using privacyIDEA 3.6.2.
Thanks for your support.
Hello and welcome to privacyIDEA!
Your /validate/check request is wrong.
If you put otponly:1 then you are telling privacyIDEA that you are only sending the OTP, but you are including the PIN.
Simply omit the otponly!
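Added example, not part of the original thread and not privacyIDEA code: a Python sketch that computes an RFC 6238 TOTP value, builds the /validate/check body in both forms discussed above, and flags the mismatch between otponly and a PIN-prefixed pass before the request is sent. The helper names, the prepended-PIN layout (taken from the requests posted in the thread) and the sample secret are assumptions.

```python
import hashlib
import hmac
import struct
import time


def totp(secret: bytes, at=None, step=30, digits=6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1), the code an authenticator app displays."""
    counter = int((time.time() if at is None else at) // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def build_check_body(user, realm, serial, otp, pin="", otponly=False):
    """Body for /validate/check: PIN+OTP by default, bare OTP with otponly."""
    body = {"user": user, "realm": realm, "serial": serial}
    if otponly:
        body["otponly"] = 1
        body["pass"] = otp
    else:
        body["pass"] = pin + otp  # assumption: PIN is prepended, as in the thread
    return body


def lint_check_body(body, otplen=6):
    """Return a list of problems found in a request body before sending it."""
    problems = []
    value = body.get("pass", "")
    if body.get("otponly") and len(value) != otplen:
        problems.append("otponly is set but pass is not exactly otplen digits")
    if not body.get("otponly") and len(value) < otplen:
        problems.append("pass is shorter than one OTP")
    return problems


if __name__ == "__main__":
    secret = b"12345678901234567890"  # constructed sample secret (RFC 6238 test key)
    otp = totp(secret)
    good = build_check_body("nguyenha", "example-realm", "TOTP001009EC", otp, pin="111111")
    bad = dict(good, otponly=1)  # PIN+OTP sent together with otponly=1
    print(good, lint_check_body(good))
    print(bad, lint_check_body(bad))
```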
Thanks, Cornelinux, for your support.
When I remove otponly, the request returns wrong otp value. I get the OTP from the Google Authenticator app.
My request:
{
"serial":"TOTP001205C1",
"user":"nguyenha",
"realm":"{{realm}}",
"pass":"111111718820"
}
Response:
"detail": {
"type": "totp",
"message": "wrong otp value",
"otplen": 6,
"serial": "TOTP001205C1",
"threadid": 139735693219584
},
When I add otponly:1:
{
"serial":"TOTP001205C1",
"user":"nguyenha",
"realm":"{{realm}}",
"otponly":1,
"pass":"071713"
}
Response:
"detail": {
"message": "OTP verification failed.",
"threadid": 139735676434176
},
"version": "privacyIDEA 3.6.2",
"result": {
"status": true,
"value": false
},
I just created a new policy for TOTP and authentication succeeded. Thank you for your support.
karllo
Hi Ha_Nguyen,
I have the same problem. How did you resolve the problem? Can you show me?