Change Default MFA Factor or Un-Enroll in MFA
patch
/mfa/v1/users/{userGUID}
Request
Supported Media Types
- application/json
Path Parameters
-
userGUID: string
Unique identifier for User
Header Parameters
-
Authorization: string
Provide a valid OAuth Access Token that has the 'MFA Client' scope.
Change Default Factor or Unenroll MFA Schema
Root Schema : ChangeDefaultFactor
Type:
object
Use this schema to change default factor or to unenroll MFA factors
Show Source
-
disableMFA(optional):
string
This attribute indicates that the user wants to disable MFA from his profile. This removes all enrolled factors from a user's profile. Supported values for this attribute are:
- true
- false
-
preferredFactorId(optional):
string
This attribute contains the unique identifier of an enrolled factor that the user wants to set as his default MFA factor. In case of SECURITY_QUESTIONS method, this attribute should have it's value set to -'SecurityQuestions'
-
preferredMethod(optional):
string
This attribute indicates the MFA method that the user wants to set as his default method of authentication. Supported values for this attribute are:
- SMS
- PHONE_CALL
- TOTP
- PUSH
- SECURITY_QUESTIONS
When a user wants to change his default MFA factor, this attribute also needs the preferredFactorId attribute to be provided.
Response
Supported Media Types
- application/json
200 Response
Indicates successful profile update.
400 Response
Indicates that the request payload is invalid.
401 Response
Indicates that the profile update request failed due to an invalid token, or an inactive or locked user, or if the user hasn't enrolled in any MFA factors.
404 Response
Indicates that the userGUID provided is invalid.
500 Response
Internal Server error