diff --git a/Kernel/GenericInterface/Operation/Session/Common.pm b/Kernel/GenericInterface/Operation/Session/Common.pm
index 33e73420403..94634ec5a5f 100644
--- a/Kernel/GenericInterface/Operation/Session/Common.pm
+++ b/Kernel/GenericInterface/Operation/Session/Common.pm
@@ -46,9 +46,10 @@ sub CreateSessionID {
     my $User;
     my %UserData;
     my $UserType;
-
+    
     # get params
     my $PostPw = $Param{Data}->{Password} || '';
+    my $PostTwoFactorToken = $Param{Data}->{TwoFactorToken} || '';
 
     if ( defined $Param{Data}->{UserLogin} && $Param{Data}->{UserLogin} ) {
 
@@ -59,6 +60,7 @@ sub CreateSessionID {
         $User = $Kernel::OM->Get('Kernel::System::Auth')->Auth(
             User => $PostUser,
             Pw   => $PostPw,
+            TwoFactorToken => $PostTwoFactorToken,
         );
         %UserData = $Kernel::OM->Get('Kernel::System::User')->GetUserData(
             User  => $User,
@@ -75,6 +77,7 @@ sub CreateSessionID {
         $User = $Kernel::OM->Get('Kernel::System::CustomerAuth')->Auth(
             User => $PostUser,
             Pw   => $PostPw,
+            TwoFactorToken => $PostTwoFactorToken,
         );
         %UserData = $Kernel::OM->Get('Kernel::System::CustomerUser')->CustomerUserDataGet(
             User  => $PostUser,
diff --git a/Kernel/GenericInterface/Transport/HTTP/REST.pm b/Kernel/GenericInterface/Transport/HTTP/REST.pm
index d1d0f993564..9cbaf9199e3 100644
--- a/Kernel/GenericInterface/Transport/HTTP/REST.pm
+++ b/Kernel/GenericInterface/Transport/HTTP/REST.pm
@@ -229,6 +229,7 @@ sub ProviderProcessRequest {
         HTTP_X_OTRS_HEADER_SESSIONID         => 'SessionID',
         HTTP_X_OTRS_HEADER_PASSWORD          => 'Password',
         HTTP_X_OTRS_HEADER_IMPERSONATEASUSER => 'ImpersonateAsUser',
+        HTTP_X_OTRS_HEADER_TWOFACTORTOKEN    => 'TwoFactorToken',
     );
 
     HEADER: