Description
Overview
This TOTP validation automation workflow provides a precise method to verify six-digit Time-based One-Time Passwords generated from a shared secret. Designed as a no-code integration pipeline, it supports authentication systems by confirming user-provided codes against the expected TOTP values. The workflow is activated manually and uses a Python code node to perform the core validation against a base32-encoded secret key.
Key Benefits
- Enables deterministic verification of 6-digit TOTP codes using industry-standard algorithms.
- Integrates seamlessly with authentication systems through a straightforward orchestration pipeline.
- Supports base32-encoded secret keys for time-based code generation and validation.
- Provides clear branching logic to distinguish valid and invalid authentication attempts.
Product Overview
This TOTP validation workflow starts with a manual trigger node, allowing users to run the validation process on demand. It accepts two primary inputs: a base32-encoded shared secret key and a six-digit code to verify. The core logic resides in a Python code node that implements the TOTP algorithm based on RFC 6238 specifications. It calculates the current time step from Unix time (default interval 30 seconds) and applies HMAC-SHA1 hashing to generate the expected OTP code.
The code node performs decoding of the secret, computes the time-based counter, extracts the dynamic truncation offset from the HMAC hash, and produces a zero-padded six-digit code. This generated code is then compared against the input code for validation. The workflow uses a conditional node to evaluate the validation result, producing a binary status indicating code validity. The design follows a synchronous execution model triggered manually, with no persistent data storage or external API dependencies beyond the embedded code execution.
Features and Outcomes
Core Automation
The automation workflow takes a base32-encoded secret and a user-supplied TOTP code as inputs. It applies the standard TOTP generation algorithm within a Python code node, including HMAC-SHA1 hashing and dynamic truncation logic, to generate the expected code. The workflow branches deterministically based on a strict equality check of the generated and supplied codes.
- Single-pass evaluation of TOTP validity per execution cycle.
- Deterministic validation logic compliant with RFC 6238.
- Explicit branching for valid and invalid code paths.
Integrations and Intake
This orchestration pipeline uses internal nodes without external API calls. The manual trigger initiates the flow, and the set node provides example inputs for testing. The Python code node handles decoding and time-based computation locally, eliminating the need for external credentials or authentication protocols.
- Manual trigger node for controlled workflow initiation.
- Set node for defining example TOTP secret and code inputs.
- Python code node executing embedded TOTP validation logic.
Outputs and Consumption
The workflow outputs a JSON object containing a status field indicating TOTP code validity: 1 for valid, 0 for invalid. This output enables subsequent conditional branching or external integrations to react accordingly. The response is synchronous within the workflow execution context.
- JSON output with a numeric status field for validation results.
- Synchronous output format compatible with downstream conditional nodes.
- Direct integration with further workflow actions based on validation.
Workflow — End-to-End Execution
Step 1: Trigger
The workflow begins with a manual trigger node, which requires a user or system operator to initiate validation explicitly. This trigger does not require any input parameters or headers and serves to start the process within the n8n environment.
Step 2: Processing
Following the trigger, a set node injects example payload data containing the base32-encoded TOTP secret and the six-digit code to verify. This data is passed unaltered to the code node, which performs validation logic without additional schema checks beyond basic presence of required fields.
Step 3: Analysis
The code node executes Python-based TOTP validation. It decodes the secret, calculates the current time interval, applies HMAC-SHA1 hashing, and derives a six-digit code via dynamic truncation. The generated code is compared to the provided code. The boolean result is converted to a numeric status (1 or 0) indicating validity.
Step 4: Delivery
The validation status is evaluated by a conditional node. If the status equals 1, the workflow follows the “true” branch; otherwise, it proceeds to the “false” branch. This binary output allows downstream nodes or systems to consume the validation result synchronously within the workflow.
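The code-node logic described under Product Overview and in Steps 2 to 4, written out as an added Python example (not the workflow's own script). The names `totp`, `validate` and `SAMPLE_SECRET` are assumptions; the sample secret is the RFC 6238 test key, and `hmac.compare_digest` stands in for the plain equality check the page describes.

```python
import base64
import hashlib
import hmac
import struct
import time


def totp(secret_b32, for_time, step=30, digits=6):
    """Expected TOTP (RFC 6238, HMAC-SHA1) for a Unix timestamp."""
    # Secrets are often shown lowercase, spaced and without '=' padding.
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    key = base64.b32decode(cleaned)
    counter = int(for_time) // step                  # time-step counter
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)   # zero-padded code


def validate(secret_b32, code, now=None):
    """Return {"status": 1} if code matches the current time step, else 0."""
    now = time.time() if now is None else now
    supplied = str(code).strip()
    if len(supplied) != 6 or not supplied.isdigit():
        return {"status": 0}                         # malformed code
    try:
        expected = totp(secret_b32, now)
    except ValueError:                               # secret is not valid base32
        return {"status": 0}
    # Constant-time comparison (an added choice, not stated on the page).
    ok = hmac.compare_digest(expected.encode(), supplied.encode())
    return {"status": int(ok)}


# Constructed sample: RFC 6238 test key "12345678901234567890" in base32.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    print(totp(SAMPLE_SECRET, 59))                       # step 1
    print(validate(SAMPLE_SECRET, "287082", now=59))     # same step
    print(validate(SAMPLE_SECRET, "287082", now=60))     # next step
```

With only the current step accepted, the code that is valid at second 59 is rejected at second 60, which is why the workflow depends on an accurately synchronized clock.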
Use Cases
Scenario 1
An authentication system requires verification of user-provided TOTP codes during login. This workflow validates the code against a stored secret, enabling a deterministic decision on user access. The outcome is a structured response indicating code validity in a single execution cycle.
Scenario 2
Developers testing two-factor authentication implementations can use this workflow to simulate TOTP validation with predefined secrets and codes. It provides a controlled environment to verify algorithm correctness and logic branching before deployment.
Scenario 3
Security auditors assessing authentication flows can utilize this orchestration pipeline to evaluate TOTP validation steps. The workflow’s output offers clear pass/fail status, facilitating compliance verification and risk assessment.
How to use
To use this TOTP validation workflow, import it into your n8n environment and adjust the Python code node to accept dynamic inputs for the secret key and code. Replace the example fields with variables or data retrieved from your user database or input forms. Trigger the workflow manually or integrate it with upstream nodes for automated validation. The workflow returns a status code indicating whether the TOTP is valid, which can be used to control subsequent authentication steps.
Comparison — Manual Process vs. Automation Workflow
| Attribute | Manual/Alternative | This Workflow |
|---|---|---|
| Steps required | Manual code calculation and comparison by user or system | Single automated validation step with deterministic branching |
| Consistency | Subject to human error and timing discrepancies | Strict algorithmic validation following RFC 6238 standards |
| Scalability | Limited by manual processing speed and capacity | Scales linearly with automated synchronous execution |
| Maintenance | Requires manual updates to validation logic as needed | Encapsulated Python code facilitates easy updates and testing |
Technical Specifications
| Attribute | Value |
|---|---|
| Environment | n8n workflow automation platform |
| Tools / APIs | Manual trigger node, Set node, Python code node, Conditional node |
| Execution Model | Synchronous, manual trigger initiated |
| Input Formats | JSON with base32 secret and 6-digit code |
| Output Formats | JSON with numeric status field indicating validity |
| Data Handling | Transient in-memory processing, no persistence |
| Known Constraints | Relies on accurate system time synchronization |
| Credentials | None required; secret key input is user-provided |
Implementation Requirements
- Access to n8n platform with Python code node execution enabled.
- Input data must include a base32-encoded TOTP secret and a corresponding 6-digit code.
- System clock must be synchronized accurately to ensure valid time intervals for TOTP generation.
Configuration & Validation
- Set the base32-encoded secret and code fields in the Set node or via dynamic inputs.
- Verify that the Python code node contains the correct TOTP validation script consistent with RFC 6238.
- Trigger the workflow manually and observe the output status field for validation results.
Data Provenance
- Trigger node: manual initiation to start validation process.
- Python code node: executes TOTP generation and verification logic.
- Conditional node: evaluates JSON status output to branch workflow accordingly.
FAQ
How is the TOTP validation automation workflow triggered?
The workflow is triggered manually via a dedicated manual trigger node within n8n, requiring explicit user or operator initiation.
Which tools or models does the orchestration pipeline use?
The orchestration pipeline uses a Python code node implementing the TOTP algorithm based on HMAC-SHA1 and time intervals, without external models or APIs.
What does the response look like for client consumption?
The workflow outputs a JSON object with a numeric “status” field: 1 indicates a valid TOTP code, and 0 indicates invalidity.
Is any data persisted by the workflow?
No data is persisted; all processing occurs transiently within the workflow’s memory during execution.
How are errors handled in this integration flow?
The workflow relies on platform-default error handling; no explicit retry or backoff mechanisms are configured.
Conclusion
This TOTP validation automation workflow provides a deterministic, standards-compliant method to verify six-digit codes based on shared secret keys. It delivers dependable outcomes by implementing the RFC 6238 TOTP algorithm within a Python code node, triggered manually for controlled execution. The workflow’s design emphasizes transient processing without persistence and depends on accurate system time synchronization for correct validation. Its clear branching logic enables integration into broader authentication systems, supporting secure access control without reliance on external APIs or services.