Unable to use TOTP codes generated by google-authenticator cli

When attempting to put in keys generated by google-authenticator cli I get the error below, an example of a key is ‘NN4UYFOCKUK2PEF6MU3TZ3YM6Y’. This key works fine in the google-authenticator android app as well as the linux package ‘oathtool’

vault write totp/keys/test key=NN4UYFOCKUK2PEF6MU3TZ3YM6Y

Error writing data to totp/keys/test: Error making API request.

URL: PUT https://vault.local/v1/totp/keys/test
Code: 400. Errors:

  • invalid key value: illegal base32 data at input byte 24


That key doesn’t seem to be a valid base32 value.

maybe the value returned by echo NN4UYFOCKUK2PEF6MU3TZ3YM6Y|base32 will work.

But the docs don’t explicitly mention that base32 encoding is required, but the error you got indicates that this is the case…