Third-Party Authenticator Apps

Last updated April 26, 2021

Heroku supports the use of third-party authenticator apps that generate temporary codes based on the OATH time-based one-time password (TOTP) algorithm (RFC 6238) as an MFA verification method. There are a wide variety of apps to choose from, including free versions. Options include Google Authenticator, Microsoft Authenticator, and Authy.

Registering a Third-Party Authenticator App

To register a TOTP authenticator app as an MFA verification method:

  • Download and install the authenticator app on your mobile device.
  • In Heroku, go to Account Settings and select Setup Multi-Factor Authentication (or Manage Multi-Factor Authentication if you have already enabled other verification methods).
  • Choose Add One Time Password Generator option on the next page. A page with a QR code is displayed.

Add Authenticator App

  • Launch the mobile app on your device, choose the option for adding a new account, and scan the QR code. if you have trouble scanning the QR code,, use the alternative option to enter a setup key.
  • In Heroku, enter the QR code generated by the app and click ‘Connect` to complete setup.

MFA Verification with an Authenticator App

To log in using a third-party authenticator app:

  • After entering your email and password, you are prompted to enter the code generated by your app.
  • Open the app on your mobile device, then enter the code in Heroku.

TIP: TOTP authenticator apps do not require mobile connectivity to generate codes.

Feedback

Log in to submit feedback.