--- title: Integrate MFA using OATH one-time passwords description: Applies to: component: sdks version: latest page_id: sdks:authenticator-module:use-cases/integrate-one-time-passwords canonical_url: https://docs.pingidentity.com/sdks/latest/authenticator-module/use-cases/integrate-one-time-passwords.html revdate: Tue, 8 Nov 2022 16:17:48 +0000 section_ids: prerequisites: Prerequisites sample_apps: Sample apps step_1_register_your_app: Step 1. Register your app step_2_generate_one_time_passwords: Step 2. Generate one-time passwords more_information: More information --- # Integrate MFA using OATH one-time passwords ***Applies to***: * [icon: check-square-o, set=fa]Ping (ForgeRock) SDK for Android * [icon: check-square-o, set=fa]Ping (ForgeRock) SDK for iOS * [icon: square-o, set=fa]Ping (ForgeRock) SDK for JavaScript This topic explains how to integrate support for OATH one-time passwords into your projects that use the Ping (ForgeRock) Authenticator module. ## Prerequisites To integrate OATH one-time passwords into your application that uses the Ping (ForgeRock) Authenticator module, ensure you have completed the following tasks first: 1. Configure your server to request a one-time password during the authentication journey. Refer to [Create an OATH registration and authentication journey](../../authenticator/use-cases/how-to-implement-mfa-using-otp.html#mfa-authenticating-oath-tree). 2. Integrate the Ping (ForgeRock) Authenticator module into your app. Refer to [Set up your Ping (ForgeRock) Authenticator module project](../getting-started/01-setup-your-project.html). 3. Start the Ping (ForgeRock) Authenticator module in your app. Refer to [Initialize the Ping (ForgeRock) Authenticator module](../getting-started/02-start-the-module.html). ## Sample apps You can find example source code for integrating one-time passwords in the sample authenticator application repositories on GitHub: [icon: android, set=fab, size=3x] #### [Android](https://github.com/ForgeRock/sdk-sample-apps/tree/main/android/java-authenticator/authenticator) ForgeRock Authenticator sample for Android. [icon: apple, set=fab, size=3x] #### [iOS](https://github.com/ForgeRock/sdk-sample-apps/tree/main/iOS/uikit-frexamples/FRAuthenticatorExample) ForgeRock Authenticator sample for iOS. ## Step 1. Register your app The first time you authenticate you are asked to register a device by scanning a QR code. Your application must implement a QR code scanning mechanism. The QR code contains the URI used for registering the device, although you could also offer a method for entering the URI manually. After obtaining the URI, register the authentication mechanism in your app: * Android * iOS Register the OATH mechanism by implementing the `FRAClient.createMechanismFromUri()` method, and use `FRAListener` to receive the newly created mechanism: ```java fraClient.createMechanismFromUri("qrcode_scan_result", new FRAListener() { @Override public void onSuccess(Mechanism mechanism) { // called when device enrollment was successful. } @Override public void onFailure(final MechanismCreationException e) { // called when device enrollment has failed. } }); ``` Implement `FRAClient.shared` in your `ViewController`, or `View` to receive the `Mechanism` object: ```swift guard let fraClient = FRAClient.shared else { print("FRAuthenticator SDK is not initialized") return } fraClient.createMechanismFromUri(uri: url, onSuccess: { (mechanism) in // Method call occurs when device enrollment is successful. }, onError: { (error) in // Method call occurs when device enrollment fails. }) ``` ## Step 2. Generate one-time passwords With the OATH mechanisms now registered, your app can obtain the current, and next tokens, as an `OathTokenCode` object: * Android * iOS ```java OathTokenCode token = oath.getOathTokenCode(); String otp = token.getCurrentCode(); ``` ```swift do { // Generate OathTokenCode let code = try mechanism.generateCode() // Update UI with generated code codeLabel?.text = code.code } catch { // Handle errors for generating OATH code } ``` ## More information Refer to the following links for information on some of the interfaces and objects used in this topic: | Android | iOS | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [OathMechanism](https://developer.pingidentity.com/reference/sdks/android/api-reference-4.7.0/forgerock-authenticator/forgerock-authenticator/org.forgerock.android.auth/-oath-mechanism/index.html) | [OathMechanism](https://developer.pingidentity.com/reference/sdks/ios/api-reference-4-6-0/FRAuthenticator/Classes/OathMechanism.html) | | [createMechanismFromUri](https://developer.pingidentity.com/reference/sdks/android/api-reference-4.7.0/forgerock-authenticator/forgerock-authenticator/org.forgerock.android.auth/-f-r-a-client/create-mechanism-from-uri.html) | [createMechanismFromUri](https://developer.pingidentity.com/reference/sdks/ios/api-reference-4-6-0/FRAuthenticator/Classes/FRAClient.html#/s:15FRAuthenticator9FRAClientC22createMechanismFromUri3uri9onSuccess0H5Errory10Foundation3URLV_yAA0D0Ccys0J0_pctF) |