Comparing email previews providers? Discover our new pricing options - chat to sales or book a demo to unlock your savings now
Mailosaur Ltd Mailosaur logo
Mailosaur LtdMailosaur logo
Mailosaur Ltd Mailosaur logo
AuthenticatorAutomate totp testing

Automating TOTP tests

You can retrieve the current 6-digit TOTP code directly from the Mailosaur API by passing a shared secret. This approach does not require creating a device — it is ideal for automated tests where you have the shared secret available.

How it works

  1. Your application or test generates a shared secret during MFA setup.
  2. You pass the shared secret to the Mailosaur API.
  3. The API returns the current 6-digit TOTP code.
  4. Your test enters the code into the application.

For the full endpoint details, request format, and response schema, see Retrieve an OTP code in the API reference.

When to use this approach

Use the API approach when:

  • You have access to the shared secret in your test code (for example, from a seeded test account)
  • You want to avoid creating and managing devices
  • You need a single code for a one-off verification

Use a device instead when:

  • You need a persistent authenticator that multiple team members can access in the Dashboard
  • You do not have programmatic access to the shared secret