Third-Party Authenticator Apps

Last updated June 16, 2023

Heroku supports the use of third-party authenticator apps that generate temporary codes based on the OATH time-based one-time password (TOTP) algorithm (RFC 6238) as a multi-factor authentication (MFA) verification method. You have numerous apps to choose from, including free versions. Options include Google Authenticator, Microsoft Authenticator, and Authy.

Register a Third-Party Authenticator App

To register a TOTP authenticator app as an MFA verification method:

  • Download and install the authenticator app on your mobile device.
  • In Heroku, from Account Settings, select Setup Multi-Factor Authentication. Or if you already enabled other verification methods, select Manage Multi-Factor Authentication.
  • On the next page, click Add One Time Password Generator. A page with a QR code is displayed.

Add Authenticator App

  • Launch the mobile app on your device, choose the option for adding a new account, and scan the QR code. If you have trouble scanning the QR code, use the alternative option to enter a setup key.
  • In Heroku, enter the QR code generated by the app, and click Connect to complete setup.

MFA Verification with an Authenticator App

To log in using a third-party authenticator app:

  • After entering your email and password, you’re prompted to enter the code generated by your app.
  • Open the app on your mobile device, and then enter the code in Heroku.

TOTP authenticator apps don’t require mobile connectivity to generate codes.

Feedback

Log in to submit feedback.