XML-RPC TOTP Code

  • Resolved ballmw

    (@ballmw)


    4 years, 11 months ago

    Docs say..

    If you have a custom application that logs in via XML-RPC, it can be configured to append a TOTP code when logging in using Wordfence.

    What are we appending the TOTP code too? Appending it to the password? What is the format?

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    4 years, 11 months ago

    Hi @ballmw, thanks for reaching out to us.

    If you’re referring to any plugins/apps you use on your site that have this capability, you wouldn’t need to know the details. I take it that might not be the case but somebody else may refer back to this ticket in the future and it could help.

    If you’re developing something yourself to use XML-RPC, you would append the 6 digits directly to the end of the password. However, TOTP codes can only be used once and change every 30 seconds. So if you’re building something that needs to make more than 1 request with a WordPress username/password within 30 seconds, it wouldn’t be able to use TOTP properly. In this case, set Require 2FA for XML-RPC call authentication to “Skipped“.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)

The topic ‘XML-RPC TOTP Code’ is closed to new replies.