TOTP Authentication

Add enterprise-grade Time-based One-Time Password (TOTP) authentication to your application with Akedly. Support for Google Authenticator, Microsoft Authenticator, and other standard TOTP apps with seamless integration and pay-per-success billing.

Overview

TOTP (Time-based One-Time Password) authentication provides a powerful second factor of authentication that significantly enhances security for your users. Unlike SMS-based OTPs, which can be intercepted in transit, TOTP codes are generated locally on the user's device, so there is no message in transit to intercept.

Key Features:

  • Universal Compatibility: Works with Google Authenticator, Microsoft Authenticator, Authy, and any RFC 6238 compliant app
  • Offline Generation: Codes generated locally on user devices - no network dependency
  • Cost Effective: Pay only for successful authentications (starting at 0.25 EGP per success)
  • 5-Minute Expiration: Authentication requests expire automatically for security
  • Multi-Platform: Native mobile apps, web applications, and desktop support
  • White-Label: Hosted setup and authentication pages with your branding

Why TOTP Authentication?

Security & Compliance Benefits

TOTP authentication is universally recommended by security standards and compliance frameworks:

Industry Standards:

  • NIST SP 800-63B: Recommends TOTP as a preferred authenticator
  • PCI DSS: Accepts TOTP for multi-factor authentication requirements
  • ISO 27001: Recognizes TOTP as a strong authentication method
  • GDPR: Helps demonstrate appropriate security measures

Security Advantages:

  • No Network Interception: Codes generated offline on user devices
  • Time-Based Expiration: 30-second rolling codes prevent replay attacks
  • Device Independence: Works even when the user's phone has no signal
  • Standardized: Based on RFC 6238 - battle-tested by millions of users

Recommended Apps

MOBILE
📱 Google Authenticator
   • Most popular TOTP app globally
   • Available on iOS and Android
   • Simple setup with QR codes
   • Backup and sync capabilities

📱 Microsoft Authenticator
   • Enterprise-focused features
   • Cloud backup and recovery
   • Push notifications support
   • Business account integration

📱 Authy
   • Multi-device synchronization
   • Desktop app available
   • Encrypted cloud backups
   • Teams and business features

Cost Comparison

Traditional 2FA solutions charge per user or per month, regardless of usage. Akedly's TOTP authentication uses pay-per-success billing - you only pay when users successfully authenticate.

Cost Savings Examples:

  • 1,000 registered users, 500 monthly authentications = 500 × 0.25 EGP = 125 EGP/month
  • Traditional solutions: 1,000 × 2 EGP/user = 2,000 EGP/month
  • Your Savings: 94% cost reduction

Integration Options

Choose the integration approach that best fits your application architecture and requirements:

Option 1: Hosted Integration (Recommended)

Best For: Web applications, mobile apps wanting seamless UX

Use Akedly's hosted pages for both setup and authentication. This provides a white-labeled experience with your branding while handling all the complex UI states, error handling, and cross-platform compatibility.

Benefits:

  • Zero UI Development: Complete setup and auth flows handled
  • Mobile Optimized: Works perfectly on all devices
  • Error Handling: All edge cases handled automatically
  • Webhook Integration: Server-to-server notifications
  • White Label: Your company branding throughout
  • Cross-Platform: Automatic mobile/desktop detection

Perfect For:

  • Web applications with standard authentication flows
  • Mobile apps using WebView or external browser
  • Teams wanting fastest time-to-market
  • Applications needing reliable cross-platform support

Hosted Integration Flow

1. Create TOTP Pipeline in dashboard
   ↓
2. Redirect users to hosted setup page
   https://app.akedly.io/totp/setup?pipeline=ID&identifier=email
   ↓
3. User completes setup on Akedly's page
   ↓
4. User redirected back to your app
   ↓
5. For authentication: redirect to hosted auth page
   https://app.akedly.io/totp/request?requestID=ID
   ↓
6. Receive webhook notifications + frontend callbacks

Option 2: Direct API Integration

Best For: Applications needing full UI control, custom branding requirements

Build your own UI for setup and authentication while using Akedly's APIs for the backend functionality. This gives you complete control over the user experience.

Benefits:

  • Full UI Control: Design matches your application exactly
  • Custom Flows: Implement specialized user experiences
  • Advanced Features: Add custom logic and integrations
  • Brand Consistency: Seamless part of your application
  • Flexible Implementation: React, Angular, Vue, or vanilla JS

Requirements:

  • Handle QR code display, deep links, and manual setup
  • Build token input UI with proper validation
  • Implement error handling and retry logic
  • Handle mobile vs desktop detection and UI adaptation

Perfect For:

  • Applications with strict branding requirements
  • Complex authentication flows with custom logic
  • Teams with frontend development resources
  • Applications needing specialized user experiences

Direct API Integration Flow

1. Call API to create TOTP user
   POST /api/v1/totp/create
   ↓
2. Build UI to display QR code/deep link
   Your custom React/Angular/Vue components
   ↓
3. Call API to verify setup
   POST /api/v1/totp/verify-setup
   ↓
4. For authentication: call API to request auth
   POST /api/v1/totp/request-auth
   ↓
5. Build UI to collect TOTP code
   Your custom token input components
   ↓
6. Call API to verify authentication
   POST /api/v1/totp/verify-auth/{requestID}

Getting Started

Prerequisites

Before implementing TOTP authentication, ensure you have:

  1. Akedly Account: Sign up if you haven't already
  2. API Key: Available in your dashboard under "View API Key"
  3. Company Profile: Set up your company information for branding
  4. TOTP Pipeline: Create a pipeline for hosted integration (Option 1 only)

Quick Start Guide

For Hosted Integration:

  1. Complete the Hosted Integration Guide
  2. Set up TOTP Pipeline in your dashboard
  3. Redirect users to Akedly's hosted pages
  4. Handle callbacks and webhooks

For Direct API Integration:

  1. Complete the Direct API Integration Guide
  2. Implement custom UI components
  3. Integrate with Akedly's TOTP APIs
  4. Handle all authentication states

Need Help Choosing?

Choose Hosted Integration if:

  • You want the fastest implementation
  • You're building a standard web or mobile app
  • You want Akedly to handle all UI edge cases
  • You prefer zero frontend TOTP development

Choose Direct API Integration if:

  • You need complete UI control
  • You have specific branding requirements
  • You want to integrate TOTP into complex flows
  • You have frontend development resources

What's Next?

Select your preferred integration approach and follow the comprehensive step-by-step guides:

Hosted Integration

Complete setup and authentication flows handled by Akedly with your branding. Fastest time-to-market.

Direct API Integration

Build custom UI components with full control over user experience. Perfect for branded implementations.
