Two Factor
Begin authenticator app setup
Starts enrolling an authenticator app for two-factor sign-in. Returns the shared secret, a QR code to scan, and one-time backup codes. The setup must be confirmed with a generated code before it takes effect.
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "https://loading/accounts.v1.Accounts/SetupTOTP" \ -H "Content-Type: application/json" \ -d '{}'{
"qrCodeBase64": "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNk+M8AAAMBAQDJ/pLvAAAAAElFTkSuQmCC",
"secret": "JBSWY3DPEHPK3PXP",
"issuer": "Goldmine",
"accountName": "jordan@acme.example",
"backupCodes": [
"a1b2-c3d4",
"e5f6-g7h8",
"i9j0-k1l2"
]
}{
"code": "invalid_argument",
"message": "The request was malformed, such as a missing required field or an unparseable cursor."
}{
"code": "unauthenticated",
"message": "The request lacks a valid API key in the Authorization header."
}{
"code": "permission_denied",
"message": "The API key is not allowed to perform this action on this workspace."
}{
"code": "resource_exhausted",
"message": "The request was rate limited. Slow down and retry later."
}{
"code": "internal",
"message": "An internal server error occurred."
}SetTwoFactorMethod
Chooses which enrolled method, such as authenticator app, passkey, or email, is used as the primary two-factor challenge at sign-in.
VerifyStepUp
Completes a step-up challenge by supplying one verification code. On success the caller is briefly marked as freshly re-verified so they can perform a sensitive action.