To define the duration (lifespan) of a TOTP code in Ory Kratos, you need to configure the lifespan for the TOTP method in your identity configuration. This is done by setting the lifespan value under the TOTP method in your configuration file. Here’s how you can do it: 1. Download your Ory Identities configuration. 2. Locate the TOTP method configuration in your identity-config.yaml. 3. Set the lifespan value (e.g., 30s for 30 seconds, 1m for 1 minute):

yaml selfservice:   methods:     totp:       config:         issuer: <http://ExampleIssuer.com|ExampleIssuer.com>         lifespan: 30s  # Set the TOTP code validity duration here       enabled: true

4. Update your Ory Identities configuration with the modified file. However, based on the provided knowledge sources, there is no explicit documentation or example that confirms the presence of a lifespan field specifically for TOTP codes in the Ory Kratos configuration. The sources describe how to enable TOTP and set the issuer, but do not mention a configurable code duration for TOTP specifically—only for code-based flows (like email/SMS one-time codes) is the lifespan field documented. Therefore, if you do not see a lifespan option for TOTP in your configuration, it may not be currently supported or documented for TOTP codes in Ory Kratos. The default duration is typically 30 seconds, as is standard for TOTP, but this is not explicitly configurable according to the available documentation [Configure multi-factor authentication in Ory Kratos](https://www.ory.sh/docs/kratos/self-hosted/mfa) [Time-based one-time passwords (TOTP)](https://www.ory.sh/docs/kratos/mfa/totp). If you need to customize the TOTP code duration and do not see this option, you may need to consult the Ory community or check for updates in the official documentation.