Authra 2FA - QR Auto Scanner
Scan otpauth QR codes on the active page & view TOTP codes from Authra 2FA.
As of June 2026, Authra 2FA - QR Auto Scanner has — users in the Developer Tools category.
Usersno change0%
—
—
Ratingno change0%
—
— reviews
Reviewsno change0%
—
Version
1.0.0
Manifest V3
History
1 snapshotsTracking since Jun 16, 2026.
Not enough history yet for this metric — the chart fills in as we collect more snapshots.
View as table
| Date | Users | Rating | Reviews | Version |
|---|---|---|---|---|
| Jun 16, 2026 | — | — | — | 1.0.0 |
| Now | — | — | — | 1.0.0 |
Permissions & access
- Permissions
- activeTabstoragescriptingoffscreen
- Host access
- https://api.authra.web.id/*, https://authra-api.rezky-p-budihartono.workers.dev/*, http://localhost:4000/*
Screenshots
About
1. Single purpose description (Deskripsi satu tujuan) Authra 2FA is a two-factor authentication (2FA/TOTP) code manager. Its single purpose is to let signed-in users view the time-based one-time passcodes (TOTP) from their Authra account in the browser, and to scan otpauth QR codes displayed on the current page so they can add new 2FA accounts. 2. activeTab justification activeTab is used to access the current tab's content only when the user explicitly clicks the extension to scan an otpauth QR code shown on that page. It is never used to read tabs automatically or in the background. 3. scripting justification scripting is used to inject a content script into the active tab, on a user-initiated action, to locate and read the otpauth QR code on the page so it can be imported into the user's account. Injection only occurs when the user starts a scan. 4. offscreen justification offscreen is used to create an offscreen document that decodes QR code images with a locally bundled QR library. QR decoding needs DOM/canvas APIs that are not available in the extension service worker. 5. Host permission justification (penggunaan izin host) Host access to the Authra API endpoints is required to authenticate the user and fetch their TOTP codes over HTTPS. The optional <all_urls> host permission is only requested on demand, when the user chooses to scan a QR code on a page, and is not used otherwise. 6. Remote code justification (penggunaan kode jarak jauh) This extension does not use remote code. All JavaScript, including the QR decoding library, is bundled inside the extension package and runs locally. The extension only makes HTTPS API calls to fetch data (TOTP codes); it never downloads or executes external scripts. │ Penting: pada pertanyaan "Apakah extension menggunakan kode jarak jauh?", pilih "Tidak, saya tidak menggunakan kode jarak jauh" (No, I am not using remote code). 7. storage justification storage is used to keep the user signed in by storing their authentication session token and UI preferences in chrome.storage.local. No 2FA secret keys are stored in the extension. 8. Sertifikasi penggunaan data (Data usage) Di bagian "Pengumpulan dan penggunaan data", deklarasikan data yang dikumpulkan: - Informasi identitas pribadi (PII): alamat email — untuk akun pengguna. - Informasi autentikasi: token sesi login. Lalu centang ketiga kotak sertifikasi (wajib): - ☑ Saya tidak menjual atau mentransfer data pengguna ke pihak ketiga, di luar kasus penggunaan yang disetujui - ☑ Saya tidak menggunakan atau mentransfer data pengguna untuk tujuan yang tidak terkait dengan tujuan tunggal item - ☑ Saya tidak menggunakan atau mentransfer data pengguna untuk menentukan kelayakan kredit atau untuk tujuan pinjaman
Technical
- Version
- 1.0.0
- Manifest
- V3
- Size
- 129KiB
- Min Chrome
- 88
- Languages
- 1
- Featured
- No
Metadata
- ID
- mfkeicokhaflnnbfablpehenjlajigel
- Developer ID
- u5373b4d86ecd298c8bc3b2ef17a3e363
- Developer Email
- [email protected]
- Created
- Jun 15, 2026
- Last Updated (Store)
- Jun 15, 2026
- Last Scraped
- Jun 16, 2026
- Website
- authra.web.id
- Support URL
- —
- Privacy Policy
- https://authra.web.id/privacy
Data sourced from the Chrome Web Store · last verified Jun 16, 2026.