@oslojs/otp documentation

A JavaScript library for generating and verifying OTPs by Oslo.

Supports HMAC-based one-time passwords (HOTP) and time-based one-time passwords (TOTP) using SHA-1 as defined in RFC 4226 and RFC 6238.

  • Runtime-agnostic
  • No third-party dependencies
  • Fully typed
import { generateTOTP, verifyTOTP } from "@oslojs/otp";

const totp = generateTOTP(key, 30, 6);
const valid = verifyTOTP(totp, key, 30, 6);


npm i @oslojs/otp