Google Authenticator

🚧

Alpha Preview

This is a recent feature and may be subject to changes over time.

Before you begin, make sure you have a valid Consumer account with at least one verified mobile Phone number. For more information checkout the Phone Verification guide.

Enabling Two Factor Authorization

Start by configuring your two-factor secret generation. It will handle safely all your One Time Passwords (OTP) using .a robust security approach.

// Configure user account for 2FA secret generation
await bitcapital.twoFactor().configure({
  type: 'google-authenticator',
  // A sample user ID
  user: 'aa316e7b-54ca-4843-bad3-da9b03c96dda'
});

❗️

Security Notice

As a Mediator integrating in the platform, you are responsible for any data in your possession. The configuration information for the Google Authenticator is considered a highly sensible data and should not be stored in your application, neither its logs, as stated in our terms of usage.

The result will contain information to configure you Google Authenticator client (or compatible alternative, such as Authy). Use this to generate the QR Code and display to the User.