Bind MFA verification by verificationId

POST /api/experience/profile/mfa

Bind new MFA verification to the user profile using the verificationId.

application/json

Body Required

type string Required

The type of MFA.

Values are Totp, WebAuthn, or BackupCode.
verificationId string Required

The ID of the MFA verification record.

Responses

204

The MFA verification has been successfully added to the user profile.
400

Invalid request.
- session.verification_failed: The MFA verification record is invalid or not verified.
- session.mfa.mfa_factor_not_enabled: The MFA factor is not enabled in the sign-in experience settings.
- session.mfa.pending_info_not_found: The MFA verification record does not have the required information to bind the MFA verification.
403

Forbidden
404

Entity not found.
- session.identifier_not_found: The user has not been identified yet. The MFA verification can only be added to a identified user.
- session.verification_session_not_found: The MFA verification record is not found.
422

The MFA verification can not been processed, check error message for more details.
- user.totp_already_in_use: A TOTP MFA secret is already in use in the current user profile.
- session.mfa.backup_code_can_not_be_alone: The backup code can not be the only MFA factor in the user profile.

POST /api/experience/profile/mfa

curl \
 -X POST https://[tenant_id].logto.app/api/experience/profile/mfa \
 -H "Content-Type: application/json" \
 -d '{"type":"Totp","verificationId":"string"}'

Request examples

{
  "type": "Totp",
  "verificationId": "string"
}