Initiate Factor Verification
post
/mfa/v1/requests
Request
Supported Media Types
- application/json
Header Parameters
-
Authorization: string
Provide a valid OAuth Access Token that has the 'Authenticator Client' or 'MFA Client' scope.
Initiate Factor Verification Schema
Root Schema : InitiateFactorVerification
Type:
object
Use this schema to initiate factor verification on a default factor or a backup factor
Show Source
-
applicationName(optional):
string
This attribute is considered only for the PUSH method. The name of the application protected by MFA, that the user is trying to access. This application name will appear in the Mobile App Notification on the Oracle Mobile Authenticator App, when a user authenticates using PUSH method.
-
factorId(optional):
string
The unique identifier of an enrolled factor that the user wants to use to authenticate. This attribute should only be provided if the user is using a non default factor for authentication. In case of SECURITY_QUESTIONS method, the factorId should be set to 'SecurityQuestions'
-
ipAddress(optional):
string
The ip address of the machine from where the user's request originated. This ip address will appear in the Mobile App Notification on the Oracle Mobile Authenticator App, when a user authenticates using PUSH method.
-
method(optional):
string
It indicates the method that the user wants to use to authenticate for MFA. Supported values for this attribute are:
- SMS
- PHONE_CALL
- TOTP
- PUSH
- SECURITY_QUESTIONS
- BYPASSCODE
This attribute should only be provided if the user is using a non default factor for authentication. -
userAgent(optional):
string
This attribute is considered only for the PUSH method. The name of the user agent or browser that the user is using to access a MFA proected application. This user agent name will appear in the Mobile App Notification on the Oracle Mobile Authenticator App, when a user authenticates using PUSH method.
-
userId:
string
The unique identifier of the user who wants to initiate a factor verification. This can either be the username or the userGuid.
-
userIdType:
string
This attribute indicates what type of credential the user is providing. Users are allowed to provide their username or userGuid. Supported values for this attribute are:
- USER_NAME
- USER_GUID
Response
Supported Media Types
- application/json
200 Response
Indicates that the authentication request was accepted and initiated successfully.
400 Response
Indicates a bad request, since the request payload is invalid.
401 Response
Indicates unauthorized access if the token provided is invalid or if the user is either locked, inactive, or not enrolled in MFA.
500 Response
Internal Server error