The Open API specification for Synapse is now available for download!

Download Open API Spec

POST /2fa/enroll

Initiates the enrollment into two factor authentication. Generates a shared secret that can be used by an authenticator application to generate TOTPs.

This endpoint can be invoked even if the user has 2FA already enabled, a new secret will be generated and kept inactive until the user completes the activation process.

The response includes the base32 encoded secret that can be directly used in the authenticator application. The client can generate a QR code for convenience so that the user can scan the secret instead. The URL to embed in the QR code can follow this format:

For example: otpauth://totp/

Resource URL

Resource Information
Authentication Required
Required OAuth Scopes modify , authorize
Request Object None
Response Object TotpSecret