Time-based OTP (TOTP) Authentication

A Time-based One-time Password (TOTP) is a time-sensitive code used in two-factor authentication (2FA) to provide an extra layer of security for online accounts. It's generated by an algorithm that combines a shared secret key and the current time to produce a unique, short-lived code, displayed in the ZTrust authenticator app.

To configure TOTP authentication, follow these steps:

  1. Go to the Authentication tab in the sidebar.

  2. Click on the kebab menu (three dots) on the right side of the browser flow. Select Duplicate. A popup will appear.

  3. Provide a Name for the flow, "Time based OTP". Click Duplicate. You will be redirected to the new flow configuration.

  4. Delete everything under Time based OTP forms.

  5. Click on the plus icon on the right side of the Time based OTP forms. Select Add Execution. A popup will appear to select an execution.

  6. Search for Advanced Token Authenticator, select it and click Add.

  7. Click on the settings menu (gear icon) on the right side of the Advanced Token Authenticator. A popup will appear to configure the TOTP settings.

  8. Provide an Alias. Set Number of digits in Token code, Token Code period (in seconds) and Secure Key, then click Save.

  9. Change Requirement of the Advanced Token Authenticator from Disabled to Required. This will set the flow to be executed when the flow is activated.

  10. Click Actions, at the top right of the page, and then Bind flow. A popup will appear.

  11. Select the Browser flow as the binding type and click Save.

The Time-based OTP Authentication is enabled now.
