Agent402 / tools / totp

TOTP code

$0.002 per call · POST /api/totp · USDC via x402

Compute the current TOTP code (RFC 6238, 30s period, SHA-1, 6 digits) from a base32 secret. Useful for agents that must complete 2FA flows they are authorized for.

Input

FieldTypeDescription
secret *stringBase32 TOTP secret
digitsnumber6 (default) or 8

Example output

{
  "code": "492039",
  "secondsRemaining": 17
}

Try it — see the 402 challenge (free)

curl -i -X POST https://agent402.tools/api/totp \
  -H "Content-Type: application/json" \
  -d '{"secret":"JBSWY3DPEHPK3PXP"}'

The response is HTTP 402 Payment Required with exact payment requirements. Any x402 v2 client pays automatically and retries:

Paid call (JavaScript agent)

import { wrapFetchWithPayment } from "@x402/fetch";
import { x402Client } from "@x402/core/client";
import { registerExactEvmScheme } from "@x402/evm/exact/client";
import { privateKeyToAccount } from "viem/accounts";

const client = new x402Client();
registerExactEvmScheme(client, { signer: privateKeyToAccount(KEY) });
const payFetch = wrapFetchWithPayment(fetch, client);

const res = await payFetch("https://agent402.tools/api/totp", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    "secret": "JBSWY3DPEHPK3PXP"
  }),
});

Related tools

Hash

$0.001 · POST /api/hash

Cryptographic hash of a text string. Algorithms: sha256 (default), sha512, sha1, md5. Returns hex and base64 d…

HMAC

$0.001 · POST /api/hmac

HMAC signature of a message with a shared key. Algorithms: sha256 (default), sha512, sha1. Returns hex and bas…

Base64

$0.001 · POST /api/base64

Base64 encode or decode text. mode: encode (default) or decode. Handles URL-safe base64 on decode.…