Create New Login Item to Include One-time Password Field

techotaku
techotaku
Community Member
edited March 2023 in CLI

I've successfully updated a login item with an existing one-time password field using:

op item edit 'Postmaster [@example.com]' 'one-time password'='otpauth://totp/Example:postmaster@example.com%3C/legend%3E?secret=BASE64ENCODEDSTRING&issuer=Example2FA%20mail.example.com'

This discussion suggests it's not possible to create a new one-time password field for an existing login item using this method, but that it can be done by including the field in a template and then creating a new login item from that template.

This documentation gives examples of the keys/values required to create various fields, but doesn't mention the one-time password field. So, is what I'm trying to do possible, and if so, what values are required for the keys in the template?

Many thanks, Steve.

Comments

  • techotaku
    techotaku
    Community Member

    May have partly answered my own question.

    This command appears to give the necessary keys/values required:

    op item get "Existing Login Item With OTP Field" --format json

    Which returns:

    ...
   },
   {
      "id": "TOTP_fwzkjzlyjfyjylwqygpvmbivgy",
      "section": {
        "id": "add more"
      },
      "type": "OTP",
      "label": "one-time password",
      "value": "otpauth://totp/Example:postmaster@example.com%3C/legend%3E?secret=BASE64ENCODEDSTRING&issuer=Example2FA%20mail.example.com",
      "totp": "851170",
      "reference": "op://Personal/heuz7krzcljepdjoovi6xw5g7m/add more/one-time password"
    }
...

    Steve

  • techotaku
    techotaku
    Community Member
    edited March 2023

    Can confirm it's possible to create a new login item with a one-time password field using a template containing values similar to:

    ...
   },
    {              
      "id": "TOTP_fwzkjzlyjfyjylwqygpvmbivgy",
      "type": "OTP",
      "label": "one-time password",
      "value": "otpauth://totp/Example:postmaster@example.com%3C/legend%3E?secret=BASE64ENCODEDSTRING&issuer=Example2FA%20mail.example.com"
    }
...

    Then it's a simple matter of using op item edit ... to update the OTP field.

    Apologies for not having investigated further before posting, but hopefully someone else may find this useful.

    Steve.

  • 1P_Amanda
    1P_Amanda

    Hi @techotaku,

    Thank you very much for answering your own question, and also posting it to help other people. We appreciate it!

    Amanda

This discussion has been closed.