Path: blob/develop/awscli/examples/cognito-idp/associate-software-token.rst
2630 views
**To generate a secret key for an MFA authenticator app**
The following ``associate-software-token`` example generates a TOTP private key for a user who has signed in and received an access token. The resulting private key can be manually entered into an authenticator app, or applications can render it as a QR code that the user can scan. ::
aws cognito-idp associate-software-token \
--access-token eyJra456defEXAMPLE
Output::
{
"SecretCode": "QWERTYUIOP123456EXAMPLE"
}
For more information, see `TOTP software token MFA <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html>`__ in the *Amazon Cognito Developer Guide*.