The One-Time Passcode Integration Kit generates passcodes that the user must enter to complete the authentication flow.
PingFederate does not store one-time passcodes at any time. Instead, passcodes are generated based on several components that are stored in memory, including a nonce value, a transaction id, and "secret" value associated with the adapter instance.
Passcodes are associated with a particular PingFederate session. Although the passcodes themselves do not expire, they can only be used once and only for the associated session and authentication flow. When the authentication flow ends, the passcode is no longer valid.