JWT Token with TOTP

pica · November 18, 2025, 6:17am

Are you using our SaaS platform (Baserow.io) or self-hosting Baserow?

SaaS

What are the exact steps to reproduce this issue?

How do I get a JWT token when I have 2FA enabled? I am able to get it when I disable the 2FA.

Steps to reproduce:

Account has 2FA enabled.
Try to get a token using the endpoint at Baserow API spec.
Response doesn’t have any access_token or refresh_token, but just a token and TOTP indicator.

davide · November 18, 2025, 8:27am

Hi @pica,

this is expected, and it’s how 2FA works.

The token you receive can be used to authenticate you to this endpoint: https://api.baserow.io/api/redoc/#tag/Auth/operation/verify_totp_auth, where you have to provide a payload with “code”: “your-auth-app-code”, “email”: “your@email” and “type”: “totp”.

You can also open the network tab in the developer tools of your browser to follow the requests made to sign in with 2FA enabled.

pica · November 18, 2025, 9:51am

Hi,

Yes, I know that’s how 2FA works, I just wanted to know how to execute the next step. Thank you for the information.

However, the link you provided doesn’t seem to actually link to any action on the redoc website. But, I got the proper one from the developer tools’ network, and made it work. Thanks again!