How to set up FEITIAN OTP products with [x service]

FEITIAN’s OTP products follows the open OATH standard. To properly set it up with the identity provider of your choice, it’s best to follow each service’s documentation. We have composed the following catalog to make it easier:

Duo fully support HOTP (event-based) OTP token, but not the TOTP (time-based) type. They also requires seed/share secret to be encoded in hexadecimal format.

https://duo.com/docs/administration-devices#managing-otp-hardware-tokens

Azure Active Directory (AD) works with TOTP (time-based) OTP tokens, 6 digits, and they require the seed/secret to be in base32 encoding.

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-oath-tokens

Okta works with both TOTP and HOTP, and many types of seed/secret formats. However, some technical work is required to work with seed import (using their Factors API.)

https://help.okta.com/en/prod/Content/Topics/Security/mfa-totp-seed.htm

https://docs.pingidentity.com/bundle/pingid/page/cxe1564020450447.html

https://surepassid.com/resources/documentation/

Watchguard requires the seed file to be in RFC6030 pskc + AES128 key format.

Documentation