JSON API » people » people/totp/qrcode
Gets a TOTP QR code for a person. If the person does not yet have a TOTP secret, one is generated and saved automatically.
Input parameters
Requires authentication and the user role privilege. A user may get their own QR code. An admin may additionally get the QR code for any person in their customer.
| Name | Type | Description | Required | Default value |
|---|---|---|---|---|
| auth_username | String | Authentication username. | Yes | |
| auth_password | String | Authentication password. | Yes | |
| id | Integer | ID of person to get QR code for. Admins may specify another user's ID. | No | Logged-in user. |
Responses
| Code | Description |
|---|---|
| 200 | Success. |
| 401 | The authentication details provided are invalid. |
| 402 | Your role does not allow this. |
| 404 | The person does not exist, or you do not have permission to view them. |
Data returned
| Field | Type | Description |
|---|---|---|
| qrcode | String | Base64-encoded PNG of the QR code. Can be used directly as an image src: data:image/png;base64,... |
| secret | String | The TOTP secret key in plain text. Show this as a manual entry fallback for users who cannot scan the QR code. |
| username | String | Username of the person. |
Example: Get QR code for logged-in user
http://enswitch.example.com/api/json/people/totp/qrcode/?auth_username=user;auth_password=password{ "responses":[ { "code":"200", "key":"", "message":"OK" } ], "data":{ "qrcode":"iVBORw0KGgo...", "secret":"JBSWY3DPEHPK3PXP", "username":"user" } }
Example: Admin gets QR code for another user
http://enswitch.example.com/api/json/people/totp/qrcode/?auth_username=admin;auth_password=password;id=456{ "responses":[ { "code":"200", "key":"", "message":"OK" } ], "data":{ "qrcode":"iVBORw0KGgo...", "secret":"JBSWY3DPEHPK3PXP", "username":"otheruser" } }
Change history
| Version | Changes |
|---|---|
| 4.4 | Function added. |