Configure One-Time Password (OTP) for Zero Trust Applications Using QR Codes

  • 1 minute(s) read
Prev Next

SSW Secret Manager now supports configuring One-Time Password (OTP) by uploading QR code images directly in the Web Console.

Administrators can enable this feature when creating or editing a Zero Trust Application secret, making multi-factor authentication setup faster, easier, and less error-prone.

Use Cases

  • Configure TOTP-based multi-factor authentication for Zero Trust Applications
  • Use QR codes generated by third-party authenticators (e.g., Google Authenticator, Microsoft Authenticator)
  • Simplify OTP configuration and avoid manual secret input errors

Step-by-Step Guide

1. Open the Zero Trust Application Creation Page

  1. Log in to the SSW Web Console.
  2. Navigate to Secret Manager.
  3. Click + Secret in the top-right corner.
  4. Select Zero Trust Application from the secret type list.
  5. Image

To update an existing configuration, open an existing Zero Trust Application secret and click Edit.

2. Fill in Basic Application Information

Provide the required application details as needed:

  • Application / Desktop App
  • Title (required)
  • Website
  • Username / Password

These fields are used to identify and access the target application.

3. Enable One-Time Password (OTP)

  1. Scroll to the bottom of the page.

  2. Locate the One-Time Password toggle.

  3. Switch the toggle to ON.

  4. Once enabled, the following fields will appear:

    • Secret input field
    • Upload QR image button

Image

4. Configure OTP Using a QR Code

You can configure OTP using either of the following methods:

Option 1: Upload a QR Code Image (Recommended)

  1. Click Upload QR image.
  2. Upload the QR code image obtained from your application or authenticator setup process.
  3. The system will automatically parse the QR code and populate the OTP Secret field.

Option 2: Manually Enter the Secret

If you already have the OTP secret, you can manually enter it in the Secret field.

5. Save the Configuration

  1. Verify that all information is correct.
  2. Click Save.
  3. The Zero Trust Application secret will be created or updated, and OTP will be enforced automatically during access.

Notes

  • Uploaded QR code images are used only for parsing the OTP secret and are not stored permanently.
  • OTP is based on the standard TOTP algorithm and is compatible with common authenticator applications.
  • Using QR code upload is recommended to minimize configuration errors.