TOTP

Time-based One-Time Passwords (TOTP) activity is used when the users’ account has Multifactor Authentication (MFA) enabled. This activity generates the one-time password code when the user tries to access the MFA secured application.

Using TOTP Activity

For using the TOTP Activity, the user must have an MFA Secret key using which OTP code is generated. The secret key can be obtained during the setup of any Authenticator App such as Google Authenticator or Microsoft Authenticator.

The TOTP Activity can be used anywhere within the process and the generated OTP is provided when the Application prompts to input the OTP code in the interactive login window.

To get the generated OTP:

In the Canvas Tools pane, click Auth Types to expand the tool and view the associated activities.
Drag the TOTP activity and drop on to the Flowchart designer area on the Canvas.
In the Application list, select the preferred application from the available options. This is an optional step. Applications configured for TOTP Modern Authentication can be selected from this list. If the Application is selected, the TOTP Activity UI only accepts the Generated OTP. The Secret Key is provided during Setup Environment.
For TOTP Activity, where application is not selected, in the Secret Key list, specify the parameter storing the value for the secret key. Example - mfaSecret
In the Generated OTP list, specify the argument which will store the generated OTP. Example – generatedOTP.
To verify or check the generated OTP, WriteLine activity can be used. The text entered should be a string or a string variable.
Save the process.
Setup the environment and Test Run the process.
If the Application is selected in the TOTP activity, then during setup environment it prompts user to provide authentication details such a LoginId, Password and SecretKey.
Once the Test Run is successful, the Studio Console Output displays the generated OTP. This OTP is same as the OTP displayed in the Authenticator app.