Two Factor
Set the active two-factor method
Chooses which enrolled method, such as authenticator app, passkey, or email, is used as the primary two-factor challenge at sign-in.
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "https://loading/accounts.v1.Accounts/SetTwoFactorMethod" \ -H "Content-Type: application/json" \ -d '{ "method": "TWO_FACTOR_METHOD_TOTP" }'{}{
"code": "failed_precondition",
"message": "The request cannot be carried out in the current system state."
}{
"code": "unauthenticated",
"message": "The request lacks a valid API key in the Authorization header."
}{
"code": "permission_denied",
"message": "The API key is not allowed to perform this action on this workspace."
}{
"code": "resource_exhausted",
"message": "The request was rate limited. Slow down and retry later."
}{
"code": "internal",
"message": "An internal server error occurred."
}RegenerateBackupCodes
Issues a fresh set of one-time backup codes and invalidates the previous set. The caller must supply their password and a current authenticator code to confirm.
SetupTOTP
Starts enrolling an authenticator app for two-factor sign-in. Returns the shared secret, a QR code to scan, and one-time backup codes. The setup must be confirmed with a generated code before it takes effect.