Some time ago we discussed how to set up 2FA quickly and easily using the Google Authenticator API.
In this article we learn how to configure 2FA using Microsoft Authenticator:
Again, we download the Microsoft Authenticator app from the App Store or Google Play:
Now we have the Microsoft Authenticator app installed. Again, our next step is to generate the “secret” information and assign it to our account ID. Don't forget to subscribe to the API.
This time we will be using the /new_v2/ endpoint instead of /new/. The difference is that /new_v2/ returns only the secret key, without any additional comments. Now create a /new_v2/ request in Postman and provide the URL and X-Rapidapi-Key; again, no additional parameters are needed (see details here https://rapidapi.com/chdan/api/microsoft-authenticator).
After successful execution of the /new_v2/ endpoint you’ll see your new secret value:
Save this secret value, then add “account” and “issuer” to our next request, to the /enroll/ endpoint. After the /enroll/ service executes successfully, you will have a URL generated, so that your users can add this information to the Microsoft Authenticator app:
Now let’s open this URL and scan the QR code:
Use the “Scan a QR code” button in Microsoft Authenticator (tap the “+” button first):
Done! Once the Microsoft Authenticator app is synced with our server’s secret, it starts generating time-based one-time passwords (TOTP):
Now we can validate one-time passwords (TOTP) on our end using the /validate/ service:
A “True” value indicates a correct entry. After 60 seconds the same request would return a “False” value.
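
What the /enroll/ and /validate/ steps compute, reproduced locally as an added example (not the API's own code). It assumes RFC 6238 defaults (HMAC-SHA1, 30-second step, 6 digits) and a one-step tolerance, none of which the page states; the secret is the RFC 6238 test key, and the account and issuer are hypothetical. It also refuses a code whose time step was already used, so an accepted code cannot be replayed inside its validity window.

```python
import base64, hashlib, hmac, struct
from urllib.parse import quote, urlencode

STEP, DIGITS = 30, 6  # assumed RFC 6238 defaults; the page does not state them

def hotp(key: bytes, counter: int) -> str:
    """RFC 4226 one-time code for one counter value (HMAC-SHA1)."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def decode_secret(secret_b32: str) -> bytes:
    """Base32 secret as shown to the user -> raw key bytes (padding restored)."""
    s = secret_b32.replace(" ", "").upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))

def totp(secret_b32: str, at: float) -> str:
    """Code an authenticator app would display at Unix time `at`."""
    return hotp(decode_secret(secret_b32), int(at) // STEP)

def validate(secret_b32, code, at, last_used=-1, window=1):
    """Return the matched time step, or None. Steps <= last_used are refused,
    so the caller stores the returned step and passes it back next time."""
    key, now = decode_secret(secret_b32), int(at) // STEP
    matched = None
    for step in range(max(0, now - window), now + window + 1):
        # Constant-time comparison; every candidate step is always checked.
        same = hmac.compare_digest(hotp(key, step).encode(), code.encode())
        if same and step > last_used:
            matched = step
    return matched

def enroll_uri(secret_b32, account, issuer):
    """otpauth:// key URI, the payload an authenticator app reads from a QR code."""
    label = quote(f"{issuer}:{account}")
    query = urlencode({"secret": secret_b32, "issuer": issuer})
    return f"otpauth://totp/{label}?{query}"

# Constructed sample data: RFC 6238 test secret, hypothetical account and issuer.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    print(enroll_uri(SECRET, "alice@example.com", "ExampleCorp"))
    code = totp(SECRET, 59)
    print(code, validate(SECRET, code, at=59), validate(SECRET, code, at=119))
```

With a one-step tolerance, a code generated at t=59 is still accepted at t=89 and refused at t=119.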