Get OTP Link
GetManagerOTP¶
Description: Generates a new Base32 secret and a valid otpauth://totp/... provisioning URI for the current manager session. The UI must render the QR code on its side from otp_url.
This method does not enable OTP by itself. It only prepares the data needed for setup. OTP becomes active only after a successful call to SetManagerOTP.
Access Control¶
🛡️ Access Level Required:
SESSION_MANAGER,SESSION_ADMIN, orSESSION_DEALER
Request Parameters¶
None required.
Request Example¶
{}
Response Parameters¶
| Name | Type | Description |
|---|---|---|
| otp_url | string | Full TOTP provisioning URI for authenticator apps |
| secret | string | Base32 secret that must be stored only on the client side during setup |
| algorithm | string | HMAC algorithm used by TOTP. Current value: SHA1 |
| digits | int | Number of digits in generated TOTP codes. Current value: 6 |
| period | int | Code lifetime in seconds. Current value: 30 |
Response Example¶
{
"otp_url": "otpauth://totp/ION%20Trader:1?secret=JBSWY3DPEHPK3PXP&issuer=ION%20Trader&algorithm=SHA1&digits=6&period=30",
"secret": "JBSWY3DPEHPK3PXP",
"algorithm": "SHA1",
"digits": 6,
"period": 30
}
Notes¶
- Use
otp_urlto render a QR code in the interface. - Google Authenticator is compatible with this format.
- Calling this method repeatedly generates a new setup secret each time.
- The returned
secretis not persisted untilSetManagerOTPsucceeds.
Error Example¶
{
"error": "MANAGER_NOT_FOUND"
}