This repository was archived by the owner on Jun 14, 2022. It is now read-only.

Does not scan (valid?) TOTP secrets with odd number of 4 character groups in BASE32 coded secret #600

@goodomens42

Problem

Try to scan this QR-Code (generated by https://app.syspectr.com/):

[Image: QR code "totp"]

andOTP says "invalid QR-Code".
Google Authenticator says so as well.

Expected behaviour

Should be scanned correctly, as Microsoft Authenticator and Yubico Authenticator both do.

Explanation

The QR-Code URI is

otpauth://totp/sombody@somewhere.com?secret=KJ6D6EKD2A3G77B3C4EC&issuer=syspectr

The BASE32 encoded secret "KJ6D6EKD2A3G77B3C4EC" contains an odd number (5) of 4-character groups.
This is an invalid BASE32 encoding, correct would be the one with padding "KJ6D6EKD2A3G77B3C4EC====" (assuming a 12 byte key).

The Google Authenticator spec says

"The padding specified in RFC 3548 section 2.2 is not required and should be omitted"

Google Authenticator does not seem to follow its own spec here.
Maybe andOTP should be more "tolerant" and supply the necessary padding to the BASE32 decoding function :)

I opened a support case with syspectr on this.
They essentially say they don't care, as Microsoft Authenticator scans the QR-Code "correctly".
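
A padding-tolerant decoder for the `secret` parameter, along the lines the issue suggests. This is an added example, not andOTP's code and not part of the original issue; the function names `decode_secret` and `secret_from_uri` are hypothetical, and the only input used is the URI quoted above.

```python
from urllib.parse import urlsplit, parse_qs

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
# Unpadded lengths (mod 8) that a whole number of bytes can produce.
VALID_REMAINDERS = {0, 2, 4, 5, 7}


def decode_secret(secret: str) -> bytes:
    """Decode a Base32 TOTP secret whether or not '=' padding is present."""
    text = secret.strip().upper().rstrip("=")
    if not text:
        raise ValueError("empty secret")
    if len(text) % 8 not in VALID_REMAINDERS:
        raise ValueError(f"impossible Base32 length {len(text)}")
    acc = bits = 0
    out = bytearray()
    for ch in text:
        value = ALPHABET.find(ch)
        if value < 0:
            raise ValueError(f"character {ch!r} is not in the Base32 alphabet")
        acc = (acc << 5) | value
        bits += 5
        if bits >= 8:
            bits -= 8
            out.append((acc >> bits) & 0xFF)
            acc &= (1 << bits) - 1
    # Bits that do not fill a byte are dropped without checking they are zero.
    return bytes(out)


def secret_from_uri(uri: str) -> bytes:
    """Extract and decode the 'secret' parameter of an otpauth:// URI."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth":
        raise ValueError("not an otpauth URI")
    values = parse_qs(parts.query).get("secret")
    if not values:
        raise ValueError("URI has no secret parameter")
    return decode_secret(values[0])


if __name__ == "__main__":
    uri = ("otpauth://totp/sombody@somewhere.com"
           "?secret=KJ6D6EKD2A3G77B3C4EC&issuer=syspectr")
    print(secret_from_uri(uri).hex())
```

The padded and unpadded forms decode to the same 12 bytes, while lengths that no byte string can produce (1, 3 or 6 characters past a multiple of 8) are still rejected.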
