Two Factor Auth

GET

Generates a QR code for enabling two-factor authentication.

GET/2fa/generate-qr

Response

200400

QR code generated successfully

Body

application/json

qrCodestring

Example: "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA..."

linkstring

Example: "otpauth://totp/AppName:user@example.com?secret=JBSWY3DPEHPK3PXP&issuer=AppName"

Request

JavaScriptCurlPython

const response = await fetch('/2fa/generate-qr', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

200400

{
  "qrCode": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...",
  "link": "otpauth://totp/AppName:user@example.com?secret=JBSWY3DPEHPK3PXP&issuer=AppName"
}

POST

Enables two-factor authentication for the user.

POST/2fa/enable-two-factor-auth

Body

application/json

Two-factor authentication code

code*string

Two-factor authentication code

Example: "123456"

Response

200400500

Two-factor authentication enabled successfully

Body

application/json

any

Request

JavaScriptCurlPython

const response = await fetch('/2fa/enable-two-factor-auth', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "code": "123456"
    }),
});
const data = await response.json();

Response

200400500

{
  "message": "Two-factor authentication enabled successfully",
  "description": "<p>Two-factor authentication has been enabled for your account.</p>",
  "__$markdownParsed": true
}

Disables two-factor authentication for the user.

POST/2fa/disable-two-factor-auth

Response

200500

Two-factor authentication disabled successfully

Body

application/json

any

Request

JavaScriptCurlPython

const response = await fetch('/2fa/disable-two-factor-auth', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

200500

{
  "message": "Two-factor authentication disabled successfully",
  "description": "<p>Two-factor authentication has been disabled for your account.</p>",
  "__$markdownParsed": true
}

Authenticates the user using two-factor authentication code.

POST/2fa/authenticate

Body

application/json

Two-factor authentication code

code*string

Two-factor authentication code

Example: "123456"

Response

200400500

Authentication successful

Body

application/json

accessTokenstring

Example: "access_token"

refreshTokenstring

Example: "refresh_token"

isTwoFactorEnableboolean

Example: true

Request

JavaScriptCurlPython

const response = await fetch('/2fa/authenticate', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "code": "123456"
    }),
});
const data = await response.json();

Response

200400500

{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

Impersonates another user using two-factor authentication code. This endpoint is only available for admins of support team.

POST/2fa/impersonate

Body

application/json

Two-factor impersonation data

code*string

Two-factor authentication code

Example: "123456"

userId*number

User ID for impersonation

Example: 1

teamId*string

Team ID for impersonation

Example: "team_id"

Response

200400403404500

Impersonation successful

Body

application/json

accessTokenstring

Example: "access_token"

isTwoFactorEnableboolean

Example: false

Request

JavaScriptCurlPython

const response = await fetch('/2fa/impersonate', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "code": "123456",
      "userId": 1,
      "teamId": "team_id"
    }),
});
const data = await response.json();

Response

200400403404500

{
  "accessToken": "access_token",
  "isTwoFactorEnable": false
}

Cancels the impersonation and returns the original user's tokens.

POST/2fa/desimpersonation

Response

200403404500

Impersonation cancelled successfully

Body

application/json

accessTokenstring

Example: "access_token"

refreshTokenstring

Example: "refresh_token"

Request

JavaScriptCurlPython

const response = await fetch('/2fa/desimpersonation', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

200403404500

{
  "accessToken": "access_token",
  "refreshToken": "refresh_token"
}