Two Factor Auth

GET

Generates a QR code for enabling two-factor authentication.

get

Responses

200

QR code generated successfully

application/json

qrCodestringOptionalExample: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...

linkstringOptionalExample: otpauth://totp/AppName:user@example.com?secret=JBSWY3DPEHPK3PXP&issuer=AppName

400

QR code was already generated

application/json

get

/2fa/generate-qr

GET /2fa/generate-qr HTTP/1.1
Accept: */*

{
  "qrCode": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...",
  "link": "otpauth://totp/AppName:user@example.com?secret=JBSWY3DPEHPK3PXP&issuer=AppName"
}

POST

Enables two-factor authentication for the user.

post

Body

codestringRequired

Two-factor authentication code

Example: 123456

Responses

200

Two-factor authentication enabled successfully

application/json

anyOptionalExample:

{"message":"Two-factor authentication enabled successfully","description":"Two-factor authentication has been enabled for your account."}

400

Invalid two-factor authentication code

application/json

500

Internal server error

application/json

post

/2fa/enable-two-factor-auth

POST /2fa/enable-two-factor-auth HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "code": "123456"
}

{
  "message": "Two-factor authentication enabled successfully",
  "description": "Two-factor authentication has been enabled for your account."
}

Disables two-factor authentication for the user.

post

Responses

200

Two-factor authentication disabled successfully

application/json

anyOptionalExample:

{"message":"Two-factor authentication disabled successfully","description":"Two-factor authentication has been disabled for your account."}

500

Internal server error

application/json

post

/2fa/disable-two-factor-auth

POST /2fa/disable-two-factor-auth HTTP/1.1
Accept: */*

{
  "message": "Two-factor authentication disabled successfully",
  "description": "Two-factor authentication has been disabled for your account."
}

Authenticates the user using two-factor authentication code.

post

Body

codestringRequired

Two-factor authentication code

Example: 123456

Responses

200

Authentication successful

application/json

accessTokenstringOptionalExample: access_token

refreshTokenstringOptionalExample: refresh_token

isTwoFactorEnablebooleanOptionalExample: true

400

Invalid two-factor authentication code

application/json

500

Internal server error

application/json

post

/2fa/authenticate

POST /2fa/authenticate HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "code": "123456"
}

{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

Impersonates another user using two-factor authentication code. This endpoint is only available for admins of support team.

post

Body

userIdnumberRequiredExample: 1

teamIdnumberRequiredExample: 1

codestringRequiredExample: 123456

Responses

200

Impersonation successful

application/json

accessTokenstringOptionalExample: access_token

isTwoFactorEnablebooleanOptionalExample: false

400

Invalid two-factor authentication code

application/json

403

Access denied if user is not an admin.

application/json

404

User not found

application/json

500

Internal server error

application/json

post

/2fa/impersonate

POST /2fa/impersonate HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 39

{
  "userId": 1,
  "teamId": 1,
  "code": "123456"
}

{
  "accessToken": "access_token",
  "isTwoFactorEnable": false
}

Cancels the impersonation and returns the original user's tokens.

post

Responses

200

Impersonation cancelled successfully

application/json

accessTokenstringOptionalExample: access_token

refreshTokenstringOptionalExample: refresh_token

403

Invalid token

application/json

404

User not found

application/json

500

Internal server error

application/json

post

/2fa/desimpersonation

POST /2fa/desimpersonation HTTP/1.1
Accept: */*

{
  "accessToken": "access_token",
  "refreshToken": "refresh_token"
}

PreviousAuth NextBusinesses

Last updated 1 year ago

hashtagGET

hashtagGenerates a QR code for enabling two-factor authentication.

hashtagPOST

hashtagEnables two-factor authentication for the user.

hashtagDisables two-factor authentication for the user.

hashtagAuthenticates the user using two-factor authentication code.

hashtagImpersonates another user using two-factor authentication code. This endpoint is only available for admins of support team.

hashtagCancels the impersonation and returns the original user's tokens.

GET

Generates a QR code for enabling two-factor authentication.

POST

Enables two-factor authentication for the user.

Disables two-factor authentication for the user.

Authenticates the user using two-factor authentication code.

Impersonates another user using two-factor authentication code. This endpoint is only available for admins of support team.

Cancels the impersonation and returns the original user's tokens.