Session Token with TOTP (Time-Based One-Time Password)

Generates a session token for the authenticated user, after validating their TOTP code.

This API endpoint allows users to authenticate using TOTP (Time-based One-Time Password). Upon successful validation, it generates a secure session token that permits access to the Open API for a specified period.

Endpoint

Base URL

https://oapi-cug.torusdigital.com/api/v1/session/totp/generate

Header Parameters

Name

Value

Content-Type

application/json

Request Parameters

ATTRIBUTE

DESCRIPTION

API_KEY

The apiKey generated during Merchant Onboarding step for the specific merchant

TOTP

The one-time password generated by the authenticator app for this session. This code is time-sensitive and changes periodically.

Request

cURL

curl --location 'https://oapi-cug.torusdigital.com/api/v1/session/totp/generate' \
--header 'Content-Type: application/json' \
--data '{
    "API_KEY": "<API_KEY>",
    "TOTP": "<TOTP>"
}'

Java-Unirest

Unirest.setTimeouts(0, 0);
HttpResponse<String> response = Unirest.post("https://oapi-cug.torusdigital.com/api/v1/session/totp/generate")
  .header("Content-Type", "application/json")
  .body("{\n" +
        "    \"API_KEY\": \"<API_KEY>\",\n" +
        "    \"TOTP\": \"<TOTP>\",\n" +
        "}")
  .asString();

Go-Native

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io/ioutil"
)

func main() {
  url := "https://oapi-cug.torusdigital.com/api/v1/session/totp/generate"
  method := "POST"

  payload := strings.NewReader(`{
    "API_KEY": "<API_KEY>",
    "TOTP": "<TOTP>"
  }`)

  client := &http.Client{}
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := ioutil.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

JavaScript-JQuery

var settings = {
  "url": "https://oapi-cug.torusdigital.com/api/v1/session/totp/generate",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json"
  },
  "data": JSON.stringify({
    "API_KEY": "<API_KEY>",
    "TOTP": "<TOTP>"
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});

On successful TOTP validation, the API responds with a session token that allows users to access the Open API:

Response

{
    "AccessToken": "<AccessToken>",
}

PreviousSetup TOTP for 2FA NextSDK

Last updated 4 months ago