Update the exposed portion of a user's logto config. Supports updating MFA states (enabled, skipped, skipMfaOnSignIn) and passkey sign-in states (skipped). All fields are optional — only provided fields will be updated.
PATCH
/api/users/{userId}/logto-configs
curl \
--request PATCH 'https://[tenant_id].logto.app/api/users/{userId}/logto-configs' \
--header "Authorization: Bearer $ACCESS_TOKEN" \
--header "Content-Type: application/json" \
--data '{"mfa":{"enabled":true,"skipped":true,"skipMfaOnSignIn":true},"passkeySignIn":{"skipped":true}}'
Request examples
{
"mfa": {
"enabled": true,
"skipped": true,
"skipMfaOnSignIn": true
},
"passkeySignIn": {
"skipped": true
}
}
Response examples (200)
{
"mfa": {
"enabled": true,
"skipped": true,
"skipMfaOnSignIn": true
},
"passkeySignIn": {
"skipped": true
}
}