2FA Support (TOTP)
How to send 2FA codes (TOTP) to Skyvern
Skyvern supports one-time password (see https://www.twilio.com/docs/glossary/totp for more information), also known as 2FA/MFA. For Skyvern to get the code, there are three options:
- Option 1: Store your 2FA/MFA secret in Skyvern Credential tool
- Option 2: Skyvern gets the code from your endpoint
- Option 3: You push the code to Skyvern
Option 1: Store your 2FA/MFA secret in the Skyvern Credential tool
Save your username and password in Skyvern Credential where you can also store your 2FA/MFA key/secret.
See Password Management for more details.
Option 2: Get Code From Your Endpoint
You can pass totp_url when running a task or a workflow. Inside this endpoint hosted by you, you have to conform to the following schema:
Set Up Your TOTP Endpoint
For websites that require a verification code to complete a task, you have to set up a TOTP endpoint for Skyvern to fetch the verification code.
Here’s the TOTP endpoint contract you should use:
Request (POST):
Response:
Validate The Sender of The Request
Same as the webhook API, your server needs to make sure it’s Skyvern that’s making the request.
- a python example for how to generate and validate the signature:
SKYVERN_API_KEY: you can get the API KEY from Skyvern Settings.
Option 3: Push Code To Skyvern
Find TOTP API doc here.
You can pass totp_identifier when running a task or a workflow. When the TOTP code arrives at your inbox, all you need to do is to send the email/message (Gmail + Zapier integration can be a good solution to set up email forwarding) to Skyvern’s TOTP endpoint.
Forwarding Your Email To Skyvern (Gmail + Zapier)
This setup requires a Zapier Pro plan account.
Step 1. Create a Zapier Zap
Go to https://zapier.com/app/home and create new Zaps
In the newly created Zap draft, Click the “Trigger” button
Click Email by Zapier
In the Email “Setup”, pick New Inbound Email in the Trigger event selection. Click Continue to complete the “Setup”
In Email “Configure”, create an email address which will be used to forward emails for TOTP codes. Click “Continue”.
Let’s add the Action to complete the Zapier setup before coming back to test it. Click the “Action” button and add Webhooks by Zapier
In the Setup, choose “POST” under the Action event selection. Then click “Continue”.
In the “Configure”, set up these in order to make a POST request to Skyvern’s TOTP API:
- URL:
https://api.skyvern.com/v1/credentials/totp - Payload Type: json
- Data:
- totp_identifier: choose
Raw To Emailafter clicking the “+” sign - content: choose
Body Plainafter clicking the “+” sign - source: email
- totp_identifier: choose
- Headers:
- x-api-key:
Your Skyvern API Key
- x-api-key:
Click Continue
Step 2. Add forwarding email and create a filter in Gmail
Go to Gmail Settings → Forwarding and POP/IMAP (https://mail.google.com/mail/u/0/#settings/fwdandpop) → click “Add a forwarding address” → enter the zapier email address you just created. There might be some verifications, including a verification email from Zapier, you have to complete here.
After setting up the forwarding email address, go to “Filters and Blocked Addresses” (https://mail.google.com/mail/u/0/#settings/filters). Click “Create a new filter” and set up your email filtering rule for your TOTP (2FA/MFA) emails. Click “Create filter”. Check “Forward it to” and pick the new email address and update filter.
Step 3. Test it end to end!
You can forward any previous TOTP (2FA/MFA) email to the Zapier email address you created in Step 1.
In Zapier: under the “Test” of the Webhooks action, send a request to test it out. If your test is successful, you should see a A request was sent to Webhooks by Zapier message
