POST Setup OTP endpoint.
Endpoint
POST
/web/v1/partner/security/mfa/otp/setup WEBAuthentication
- Chain: WEB
- JWT Token: true
- API Key: false
- Permissions: []
- Secure Channel: REQUIRED
Rate Limit
5 requests per 300 seconds.
Headers
Frontend Headers
| Header | Required | Description |
|---|---|---|
| X-LOCALE | Yes | 用户的 locale |
| Accept-Language | No | 语言偏好 |
Cloudflare Headers
| Header | Required | Description |
|---|---|---|
| CF-Connecting-IP | Yes | Client IP from Cloudflare |
| CF-IPCountry | Yes | Client country code |
| CF-Ray | Yes | Cloudflare Ray ID |
| CF-Visitor | Yes | Visitor scheme |
| X-Real-IP | Yes | Real client IP |
Nginx Headers
| Header | Required | Description |
|---|---|---|
| X-PORTAL-ACCESS-CODE | Yes | Portal access code |
| X-Real-IP | Yes | 客户端真实 IP |
| X-Forwarded-For | Yes | 代理链 |
| X-Forwarded-Proto | Yes | 协议 |
Request Parameters
None.
Response
200 OK
| Field | Type | Description |
|---|---|---|
| secret | String | TOTP 密钥 (Base32) |
| qrCodeUri | String | otpauth:// URI for QR code |
| issuer | String | 发行者名称 |
| accountName | String | 账户标识 |