diff --git a/apps/login/app/(login)/otp/[method]/set/page.tsx b/apps/login/app/(login)/otp/[method]/set/page.tsx
index 22a134a24b4..3500182088c 100644
--- a/apps/login/app/(login)/otp/[method]/set/page.tsx
+++ b/apps/login/app/(login)/otp/[method]/set/page.tsx
@@ -26,10 +26,13 @@ export default async function Page({
     ({ session, token }) => {
       if (session && session.factors?.user?.id) {
         if (method === "time-based") {
+          // inconsistency with token: email works with machine token, totp works with session token
           return registerTOTP(session.factors.user.id, token);
         } else if (method === "sms") {
+          // does not work
           return addOTPSMS(session.factors.user.id);
         } else if (method === "email") {
+          // works
           return addOTPEmail(session.factors.user.id);
         } else {
           throw new Error("Invalid method");
@@ -54,16 +57,15 @@ export default async function Page({
   return (
     <DynamicTheme branding={branding}>
       <div className="flex flex-col items-center space-y-4">
-        <h1>Register TOTP</h1>
-        <p className="ztdl-p">
-          Scan the QR Code or navigate to the URL manually.
-        </p>
+        <h1>Register 2-factor</h1>
+        {totpResponse && "uri" in totpResponse && "secret" in totpResponse ? (
+          <>
+            <p className="ztdl-p">
+              Scan the QR Code or navigate to the URL manually.
+            </p>
+            <div>
+              {/* {auth && <div>{auth.to}</div>} */}
 
-        <div>
-          {/* {auth && <div>{auth.to}</div>} */}
-          {totpResponse &&
-            "uri" in totpResponse &&
-            "secret" in totpResponse && (
               <TOTPRegister
                 uri={totpResponse.uri as string}
                 secret={totpResponse.secret as string}
@@ -72,8 +74,17 @@ export default async function Page({
                 authRequestId={authRequestId}
                 organization={organization}
               ></TOTPRegister>
-            )}
-        </div>
+            </div>{" "}
+          </>
+        ) : (
+          <p className="ztdl-p">
+            {method === "email"
+              ? "Code via email was successfully added."
+              : method === "sms"
+              ? "Code via SMS was successfully added."
+              : ""}
+          </p>
+        )}
       </div>
     </DynamicTheme>
   );
diff --git a/apps/login/lib/zitadel.ts b/apps/login/lib/zitadel.ts
index 91df8a81413..59f7d29ce4a 100644
--- a/apps/login/lib/zitadel.ts
+++ b/apps/login/lib/zitadel.ts
@@ -112,9 +112,22 @@ export async function addOTPEmail(
 }
 
 export async function addOTPSMS(
-  userId: string
+  userId: string,
+  token?: string
 ): Promise<AddOTPSMSResponse | undefined> {
-  const userService = user.getUser(server);
+  let userService;
+  if (token) {
+    const authConfig: ZitadelServerOptions = {
+      name: "zitadel login",
+      apiUrl: process.env.ZITADEL_API_URL ?? "",
+      token: token,
+    };
+
+    const sessionUser = initializeServer(authConfig);
+    userService = user.getUser(sessionUser);
+  } else {
+    userService = user.getUser(server);
+  }
   return userService.addOTPSMS({ userId }, {});
 }