Complete Factor Enrollment or Resend OTP or Update Security Questions
patch
/mfa/v1/users/{userGUID}/factors/{factorId}
Request
Supported Media Types
- application/json
Path Parameters
-
factorId: string
Unique identifier of an enrolled factor. In case of SECURITY_QUESTIONS method, the factorId is set to 'SecurityQuestions'.
-
userGUID: string
Unique identifier of a User
Header Parameters
-
Authorization: string
Provide a valid OAuth Access Token that has the 'MFA Client' scope.
Complete MFA Enrollment Schema
Root Schema : CompleteEnrollment
Type:
objectUse this schema to complete enrollment, resend OTP or to update security questions or rename a factor displayName.
Show Source
-
displayName(optional):
string
This attribute can be used to change the display name of a factor that is enrolled for TOTP or PUSH method.
-
otpCode(optional):
string
The one time passcode received by the user over SMS, PHONE_CALL, EMAIL or the passcode generated by the Oracle Mobile Authenticator App, to complete factor enrollment. This attribute is only considered for offline TOTP, SMS, PHONE_CALL and EMAIL methods.
-
requestState:
string
This contains the context/request related details in encrypted form, which needs to be passed back and forth between server and client. The details are needed by the server to process a request and are opaque to the client.
This is not required for the SECURITY_QUESTIONS factor. -
resendOtp(optional):
string
Attribute to indicate if the user wants the OTP to be resent to the mobile number or email id being enrolled for MFA. Supported values for this attribute are:
- true
- false
-
securityQuestions(optional):
object securityQuestions
Security Questions Factor Enrollment or Update
Nested Schema : securityQuestions
Type:
objectSecurity Questions Factor Enrollment or Update
Show Source
-
answer(optional):
string
Answer to the security question that the user wants to enroll or update. This is mandatory in case of first time enrollment.
-
hintText(optional):
string
Hint text of the security question that the user wants to enroll or update.
-
id:
string
The identifier of the security questions that is being enrolled or updated by the user.
-
op(optional):
string
Attribute to indicate the operation that the user wants to perform on an already enrolled security question.
Supported values for this attribute are:- 'add': This signifies a new security question that the user wants to add to his profile. It is mandatory to provide the 'answer' property while adding a new question.
- 'replace': This signifies that the user is replacing either the answer or hint text of an enrolled question. Server will not verify if the answer/hint text have really changed and will replace it with new values provided.
- 'remove': This signifies that the user is trying to remove an enrolled security question. A remove should be used in tandem with add operation. We only consider the 'id' property and ignore the 'answer' and 'hintText' attributes, if passed.
This attribute need not be provided while enrolling for security questions for the first time.
Response
Supported Media Types
- application/json
200 Response
Indicates successful enrollment.
400 Response
Indicates that the request payload is invalid.
401 Response
Indicates a failed enrollment if the otpCode or security answer that was provided is invalid. Indicates unauthorized access if the token provided is invalid or if the user is either locked or inactive.
404 Response
Indicates that the factorId provided is invalid.
500 Response
Internal Server error