Unable to retrieve shared secret for TOTP after enrolling TOTP factor

Unable to retrieve shared secret for TOTP after enrolling TOTP factor

Hello,

Certainly! It appears that you’re encountering an issue with retrieving the shared secret for TOTP (Time-Based One-Time Password) after enrolling the TOTP factor. Let’s explore some insights:

Automatic Enrollment:
When you enable the Push Factor, TOTP is automatically enrolled.
However, there seems to be no straightforward way to retrieve the TOTP shared secret via the API.
Workaround:
Consider setting Okta Verify under Security > Authentication > Enrollment as “Optional” in the policy that applies to the user.
After making this change, try enrolling the factor again using the API.
The error message should no longer occur, and Okta Verify enrollment should succeed.

Best Regards
michael298

Hello Michael,

There is no error message nor the issue in Okta Verify enrollment. I found that the old API used to provide the shared secret in the old documentations, but currently it does not provide the shared secret.
I was looking into the method to fetch the shared secret of the enrolled Okta Verify for the migration purpose. Can we fetch the shared secret of the enrolled Okta Verify device?