Create TOTP secret

Add MCP server to your AI tool

Allow AI tools and LLMs to interact with the API documentation portal through MCP.

MCP server URL


        
          
            https://bump.sh/logto/doc/logto-experience-api/mcp

Standard setup for AI tools providing an mcp.json file

      
          mcp.json

"Logto Experience API MCP server": {
  "url": "https://bump.sh/logto/doc/logto-experience-api/mcp"
}

POST /api/experience/verification/totp/secret

Create a new TOTP verification record and generate a new TOTP secret for the user. This secret can be used to bind a new TOTP verification to the user's profile. The verification record must be verified before the secret can be used to bind a new TOTP verification to the user's profile.

Responses

200 application/json

TOTP secret successfully generated.
Hide response attributes Show response attributes object
- verificationId string Required
  
  The unique verification ID for the TOTP record. This ID is required to verify the TOTP code.
- secret string Required
  
  The newly generated TOTP secret.
- secretQrCode string Required
  
  A QR code image data URL for the TOTP secret. The user can scan this QR code with their TOTP authenticator app.
400

Bad Request
404

Entity not found.
- session.identifier_not_found: The current interaction is not identified yet. All MFA verification records must be associated with a identified user.

POST /api/experience/verification/totp/secret

curl \
 --request POST 'https://[tenant_id].logto.app/api/experience/verification/totp/secret'

Response examples (200)

{
  "verificationId": "string",
  "secret": "string",
  "secretQrCode": "string"
}