Flipper Authenticator generates invalid codes, why so?

There are multiple reasons why Flipper Authenticator generates invalid codes:

Clock is not precise

Flipper Zero clock has known clock drift problem. So there is a chance that clock on your flipper device is just not precise and you just need to sync them by using desktop\mobile qFlipper application.

Timezone is not correct

Because of Flipper Zero API doesn't provide an access to timezone offset it is necessary to set it manually for correct TOTP tokens generation. You may find your timezone offset (or another name is "UTC offset") here, here, here or on any other website found in google. Then set it in setting menu of Flipper Authenticator or using CLI command totp tz or put straight into conf file.

Remember that if you are setting timezone via CLI or manually in conf file timezone must be provided in hours. Example: if your timezone is UTC+5:30 means 5 hours and 30 minutes you should provide it as 5.50 (5 hours + 0.5 hour (30 minutes)) and not 5.30 or so. You must also account for changes in daylight savings time manually.

Token secret is not correct

Sometimes it is possible that you just made a mistake while typing or copying token secret. Some providers (ex. Amazon) shows token secrets as a grouped string (ex. XXXX ZZZZ YYYY NNNN MMMM), it is fine to use such a string if you are entering token secret manually or using CLI, however it is not allowed to use such a string to copy&paste it straight to a config file. In such a scenario you need to drop all the whitespaces from your token secret before putting it into config file.

Token hashing algorithm is not correct

In majority of situations using default hashing algorithm SHA1 should work just fine. But for some rare providers it might be necessary to use SHA256 or SHA512 as a hashing alogorithm.