36.5 Creating QR Codes for Configuration

A Quick Response (QR) code can be used to configure the OMA. The OMA scans the QR code for offline configuration details.

In the case of offline configuration, it is assumed that the customer develops a web application and a user is authenticated by said application. The OMA scans the QR code which must have the shared secret, shared secret encoding information and optionally the OTP validity duration, the hashing algorithm to be used for TOTP or the length of the OTP (5 digits/6 digits).

The QR code needs to be created from any of the following configuration URLs:

  • oraclemobileauthenticator://settings?LoginURL::=http://OAMhost:port//ms_oauth/resources/userprofile/secretkey

  • oraclemobileauthenticator://settings?AuthServerType::=HTTPBasicAuthentication&&LoginURL::=http://OAMhost:port/ms_oauth/resources/userprofile/secretkey&&ServiceName::=MyBank

  • oraclemobileauthenticator://settings?AuthServerType::=OAuthAuthentication&&LoginURL::=http://OAMhost:port/ms_oauth/resources/userprofile/secretkey&&ServiceName::=OAuth&&OAuthClientID::=8d91cb4821dd417286ca973045e9e25a&&OAMOAuthServiceEndpoint::=http://OAMhost:port/ms_oauth/oauth2/endpoints/oauthservice

The mobile phone user needs to go to the Add Account screen and position the QR code in front of the phone's camera. The OMA app configures the account and generates the OTP.


The OMA app may prompt your to enter the user name and password. Only after the successful authentication, the app generates the OTP.

See Understanding Oracle Mobile Authenticator Configuration