
I have a Java application with Spring Boot and Angular in the UI.

I wanted to create a new user in Authy by scanning a QR code from the Authy mobile app. I generated the QR code following the steps in the document linked below, but in the end I got an error while scanning it from the Authy mobile app - "Contact to your service provider Error".

https://www.twilio.com/docs/authy/api/users#add-a-user-without-providing-email-or-phone-number

I generated the QR code base64 token using JWT as per the documents. Then I used an online QR generator to show the QR code.

Please help me out with this. It would be helpful if you could let me know the steps or anything I missed in my flow.

Thank you in advance!!

Margi212
  • What is the string that you are encoding into the QR code? Can you share the code you are using to create it? – philnash Dec 09 '20 at 22:25
  • that string is "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpeHAiOjE2MDc1NzgyOTM5ODEsImlzcyI6Ik1tQVBfVGVzdCIsImNvbnRleHQiOnsiY3VzdG9tX3VzZXJfaWQiOiI0YjY0MjY1MC1iYTVlLTQzNzgtOTBkMy1hZjBkMGZmMTk0OTMiLCJhdXRoeV9hcHBfaWQiOiJLbjhNMkZRVGQ2d1g4RlFtS25UaG84ckJQZmcxV2hGNCJ9LCJpYXQiOjE2MDc1NzgyMDM5ODF9." @philnash – Margi212 Dec 10 '20 at 05:30

1 Answer

Twilio developer evangelist here.

In order to get the camera to read the QR code, it needs to be in the form of a URL. You have created your token (though it seems to be missing the signature in your example in the comments), so you need to form a URL like this:

authy://account?token={token}

and then encode that as a QR code. Then the app will be able to pick it up and start generating 2FA codes.

philnash
  • Thanks for the help. After adding that I got the error "Invalid Format". I also tried it that way, passing a string to generate the QR code like below: authy://account?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpeHAiOjE2MDc2NzMzNzU4OTYsImlzcyI6Ik1tQVBfVGVzdCIsImNvbnRleHQiOnsiY3VzdG9tX3VzZXJfaWQiOiI0YjY0MjY1MC1iYTVlLTQzNzgtOTBkMy1hZjBkMGZmMTk0OTMiLCJhdXRoeV9hcHBfaWQiOiJLbjhNMkZRVGQ2d1g4RlFtS25UaG84ckJQZmcxV2hGNCJ9LCJpYXQiOjE2MDc2NzMyODU4OTZ9. – Margi212 Dec 11 '20 at 07:56
  • Your token still appears to be missing the signature. It should be 3 strings separated by two periods (.). You’re missing the third string. – philnash Dec 11 '20 at 07:57
  • By adding HS256 for the third dot, I got the error "Format Not Supported." authy://account?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpeHAiOjE2MDc2NzMzNzU4OTYsImlzcyI6Ik1tQVBfVGVzdCIsImNvbnRleHQiOnsiY3VzdG9tX3VzZXJfaWQiOiI0YjY0MjY1MC1iYTVlLTQzNzgtOTBkMy1hZjBkMGZmMTk0OTMiLCJhdXRoeV9hcHBfaWQiOiJLbjhNMkZRVGQ2d1g4RlFtS25UaG84ckJQZmcxV2hGNCJ9LCJpYXQiOjE2MDc2NzMyODU4OTZ9.gjhhvsQEQMto84ejm0qM2qbhLoV06SPy9ibUOYHDnvU – Margi212 Dec 11 '20 at 08:00
  • Ok, there are other problems with your token. You have an `ixp` field, which should be `exp`. Both your `iat` and `exp` look like dates that are thousands of years in the future. You can also go to https://jwt.io to decode your token to check it looks right and ensure that your signature is correct. – philnash Dec 11 '20 at 08:09
  • Hi, I have updated the token, taking reference from your suggested site, and generated the token again like below. It gives me "Account couldn't be added,Please contact to your service provider." authy://account?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJNbUFQX1Rlc3QiLCJjb250ZXh0Ijp7ImN1c3RvbV91c2VyX2lkIjoiNGI2NDI2NTAtYmE1ZS00Mzc4LTkwZDMtYWYwZDBmZjE5NDkzIiwiYXV0aHlfYXBwX2lkIjoiS244TTJGUVRkNndYOEZRbUtuVGhvOHJCUGZnMVdoRjQifSwiZXhwIjoxNjA3Njc1OTk0LCJpYXQiOjE2MDc2NzU0OTR9.0j0RUX1jzJjDLnEriKGzGT9MttZN5ZAiiiSHI5Aldb8 – Margi212 Dec 11 '20 at 08:36
  • Are you able to verify the signature using jwt.io too? The rest of the data looks correct now (as long as your Authy Application is called "MmAP_Test"). – philnash Dec 11 '20 at 08:53
  • Yes, I have verified it as you said in the steps above, but QR verification still does not work. Please help. Are there any other steps that I might have missed? – Margi212 Dec 11 '20 at 09:02
  • I don't know what else might be wrong with it. I suggest you contact [Twilio support](https://www.twilio.com/help/contact), explain what you have done and provide a new token to see if they can help. – philnash Dec 12 '20 at 04:19
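
The checks raised in the comments above (three segments, a signature that verifies, `exp` rather than `ixp`, times that are not thousands of years ahead, then the `authy://account?token=` URL) can be run locally before generating the QR code. This is an added Python sketch, not code from the post or from Twilio; the function names, sample claims and key are assumptions, with the key standing in for whatever secret your Authy application signs with, and the seconds-versus-milliseconds hint is this sketch's reading of the far-future dates.

```python
import base64, hashlib, hmac, json, time

def b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64url(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def hs256(signing_input, secret):
    return b64url(hmac.new(secret, signing_input.encode(), hashlib.sha256).digest())

def build_token(claims, secret):
    """Compact HS256 JWT: header.payload.signature (three segments, two periods)."""
    head = b64url(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{hs256(head + '.' + body, secret)}"

def lint_token(token, secret, now=None):
    """Return a list of problems; empty means none of these checks failed."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["expected three segments separated by two periods"]
    try:
        header, claims = (dict(json.loads(unb64url(p))) for p in parts[:2])
    except (ValueError, TypeError):
        return ["header or payload is not a base64url-encoded JSON object"]
    problems = []
    if header.get("alg") != "HS256":
        problems.append(f"alg is {header.get('alg')!r}, expected 'HS256'")
    if not parts[2]:
        problems.append("signature segment is empty")
    elif not hmac.compare_digest(hs256(parts[0] + "." + parts[1], secret).encode(), parts[2].encode()):
        problems.append("signature does not verify with the supplied key")
    problems += [f"missing claim: {n}" for n in ("iss", "iat", "exp", "context") if n not in claims]
    for name in ("iat", "exp"):
        value = claims.get(name)
        if isinstance(value, (int, float)) and value > now + 10 * 365 * 86400:
            problems.append(f"{name} is far in the future; use seconds, not milliseconds")
    return problems

def authy_url(token):
    return f"authy://account?token={token}"

if __name__ == "__main__":  # constructed sample values, not taken from the page
    key = b"constructed-demo-key"
    claims = {"iss": "ExampleApp", "iat": 1700000000, "exp": 1700000300,
              "context": {"custom_user_id": "user-123", "authy_app_id": "APP_ID_PLACEHOLDER"}}
    token = build_token(claims, key)
    print(lint_token(token, key) or authy_url(token))
```

A clean result only means the token is well formed and self-consistent; it does not confirm that the Authy service accepts the key or the application name.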