Hi, I am setting totp and I can see a response of

kratos/self-service/settings/browser

having

QR image and secret

, I can use Google authenticator to scan and see my identity username. After that I use

curl --request POST \
  --url '{{host}}/kratos/self-service/login?flow=829dcb7c-1efb-447c-8248-7afd3395955e' \
  --header 'content-type: application/json' \
  --header 'cookie: {{loginFlowCookie}}' \
  --cookie '{{loginFlowCookie}}' \
  --data '{
  "csrf_token": "{{loginFlowCsrf}}",
  "method": "totp",
  "totp_code": "708589"
}'

to login but I get error:

"messages": [
      {
        "id": 4010002,
        "text": "Could not find a strategy to log you in with. Did you fill out the form correctly?",
        "type": "error"
      }
    ]

Do you have any idea to resolve? please help!

"username": {
          "type": "string",
          "format": "username",
          "title": "User name",
          "minLength": 8,
          "maxLength": 50,
          "pattern": "^[a-zA-Z0-9][a-zA-Z0-9@_.-]{7,49}$",
          "ory.sh/kratos": {
            "credentials": {
              "password": {
                "identifier": true
              },
              "totp": {
                "account_name": true
              }
            }
          }
        }

selfservice:
  default_browser_return_url: <http://127.0.0.1:4455/welcome>
  allowed_return_urls:
    - <http://127.0.0.1:4455>
  methods:
    password:
      enabled: true
    profile:
      enabled: true  
    totp:
      config:
        issuer: ExampleIssuer.com
      enabled: true

Hey @square-napkin-92357. Thanks for the feedback I think we could really improve the SMS documentation. If you like to contribute more you can open an issue in github.com/ory/docs with the problems you encountered and what you would propose to fix them. `"Could not find a strategy to log you in with. Did you fill out the form correctly?" (4010002)`indicates that Ory Kratos could not determine which login strategy to use based on your request. This usually happens if the required fields for the selected login method are missing or incorrect in your request payload, or if the method is not enabled/configured properly in your Kratos instance. For the TOTP login method, the request body must include at least: •

"method": "totp"

•

"totp_code": "<the 6-digit code from your authenticator app>"

Optionally, for browser flows, you should also include the

csrf_token

. Your curl command seems correct in structure. The error is most likely due to either an expired/invalid login flow, missing/incorrect fields, or using the wrong flow type. Double-check that you are using a valid, active login flow and that your request matches the expected structure for the TOTP method.

Thanks @magnificent-energy-493. Now it works well