A unique generated shared secret code that is used in the TOTP algorithm to generate a one-time code.
The session that should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.