Complete Factor Enrollment or Resend OTP or Update Security Questions

patch

/mfa/v1/users/{userGUID}/factors/{factorId}

Request

Supported Media Types
Path Parameters
  • Unique identifier of an enrolled factor. In case of SECURITY_QUESTIONS method, the factorId is set to 'SecurityQuestions'.
  • Unique identifier of a User
Header Parameters
Body ()
Complete MFA Enrollment Schema
Root Schema : CompleteEnrollment
Type: object
Use this schema to complete enrollment, resend OTP or to update security questions or rename a factor displayName.
Show Source
  • This attribute can be used to change the display name of a factor that is enrolled for TOTP or PUSH method.
  • The one time passcode received by the user over SMS, EMAIL or the passcode generated by the Oracle Mobile Authenticator App, to complete factor enrollment. This attribute is only considered for offline TOTP, SMS and EMAIL methods.
  • This contains the context/request related details in encrypted form, which needs to be passed back and forth between server and client. The details are needed by the server to process a request and are opaque to the client.
    This is not required for the SECURITY_QUESTIONS factor.
  • Attribute to indicate if the user wants the OTP to be resent to the mobile number or email id being enrolled for MFA. Supported values for this attribute are:
    • true
    • false
    This attribute is considered only for EMAIL and SMS factors.
  • securityQuestions
    Security Questions Factor Enrollment or Update
Nested Schema : securityQuestions
Type: object
Security Questions Factor Enrollment or Update
Show Source
  • Answer to the security question that the user wants to enroll or update. This is mandatory in case of first time enrollment.
  • Hint text of the security question that the user wants to enroll or update.
  • The identifier of the security questions that is being enrolled or updated by the user.
  • Attribute to indicate the operation that the user wants to perform on an already enrolled security question.
    Supported values for this attribute are:
    • 'add': This signifies a new security question that the user wants to add to his profile. It is mandatory to provide the 'answer' property while adding a new question.
    • 'replace': This signifies that the user is replacing either the answer or hint text of an enrolled question. Server will not verify if the answer/hint text have really changed and will replace it with new values provided.
    • 'remove': This signifies that the user is trying to remove an enrolled security question. A remove should be used in tandem with add operation. We only consider the 'id' property and ignore the 'answer' and 'hintText' attributes, if passed.

    This attribute need not be provided while enrolling for security questions for the first time.
Back to Top

Response

200 Response

Indicates successful enrollment.

400 Response

Indicates that the request payload is invalid.

401 Response

Indicates a failed enrollment if the otpCode or security answer that was provided is invalid. Indicates unauthorized access if the token provided is invalid or if the user is either locked or inactive.

404 Response

Indicates that the factorId provided is invalid.

500 Response

Internal Server error
Back to Top