Skip to main content
POST
/
v1
/
auth
/
2fa
/
setup
Setup 2FA
curl --request POST \
  --url https://olp-api.nipuntheekshana.com/v1/auth/2fa/setup

Documentation Index

Fetch the complete documentation index at: https://docs-openpay.nipuntheekshana.com/llms.txt

Use this file to discover all available pages before exploring further.

This endpoint requires a valid Bearer token in the Authorization header.
Initiates two-factor authentication setup for the merchant’s account. Returns a TOTP secret and an otpauth:// URI that can be rendered as a QR code for authenticator apps like Google Authenticator or Authy. After scanning the QR code, the merchant must call Verify 2FA with a valid code to complete the setup.

Example Response (200)

{
  "secret": "JBSWY3DPEHPK3PXP",
  "otpauthUrl": "otpauth://totp/OpenPay:admin@acmepay.com?secret=JBSWY3DPEHPK3PXP&issuer=OpenPay",
  "qrCode": "data:image/png;base64,iVBORw0KGgo..."
}
The secret is shown only once during setup. If the merchant loses it, they will need to disable and re-enable 2FA.

Error Responses

409 Already Enabled
{
  "error": {
    "code": "CONFLICT",
    "message": "Two-factor authentication is already enabled"
  }
}