Add a MFA verification

POST /api/my-account/mfa-verifications

O auth2

Add a MFA verification to the user, a logto-verification-id in header is required for checking sensitive permissions.

application/json

Body object Required

type string Required

The type of the MFA verification.

Value is WebAuthn.
newIdentifierVerificationRecordId string Required

The identifier verification record ID for the new WebAuthn registration verification.
name string

The name of the MFA verification, if not provided, the name will be generated from user agent.

type string Required

The type of the MFA verification, for TOTP, one user can only bind one TOTP factor.

Value is TOTP.
secret string Required

The TOTP secret for the MFA verification. Use the generate endpoint to create a secret, and verify the generated code with the user before binding to make sure the user has setup the secret in their authenticator app.

type string Required

The type of the MFA verification, for backup codes, one user can only bind one set of backup codes and requires at least one other MFA factor.

Value is BackupCode.
codes array[string] Required

Array of backup codes. Use the generate endpoint to create codes.

Responses

204

No Content
400

Bad Request
401

Unauthorized
403

Forbidden
422

Unprocessable Content

POST /api/my-account/mfa-verifications

curl \
 --request POST 'https://[tenant_id].logto.app/api/my-account/mfa-verifications' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"type":"string","newIdentifierVerificationRecordId":"string","name":"string"}'

Request examples

{
  "type": "string",
  "newIdentifierVerificationRecordId": "string",
  "name": "string"
}

{
  "type": "string",
  "secret": "string"
}

{
  "type": "string",
  "codes": [
    "string"
  ]
}

{
  "type": "WebAuthn",
  "newIdentifierVerificationRecordId": "string",
  "name": "string"
}

{
  "type": "TOTP",
  "secret": "string"
}

{
  "type": "BackupCode",
  "codes": [
    "string"
  ]
}