Set User MFA Type
Sets the multi-factor authentication (MFA) type for the specified user. The target user must have MFA enabled before the type can be changed.
Required Permissions
Requires the ADMIN role or higher. You cannot apply this action to a user with higher privileges than yourself.
HTTP Request
POST /api/sonar/users/:guid/mfa/type
cURL Example
curl -H "Authorization: Bearer <API_KEY>" \
-d type=OTP \
-X POST \
https://HOSTNAME/api/sonar/users/bfd00bb0-be99-4fd5-8380-166f544975fa/mfa/type
Request Parameters
Path Parameters
| Key | Type | Description | Notes |
|---|---|---|---|
| guid | String | User identifier | 36 characters |
Request Body Parameters
| Key | Required | Type | Description | Notes |
|---|---|---|---|---|
| type | Yes | String | MFA type | One of OTP, MAIL, SMS, PASSWORD |
MFA types
OTP: Verification code from an OTP app such as Google AuthenticatorMAIL: Verification code sent by email (requires mail server configuration)SMS: Verification code sent by SMSPASSWORD: Additional password input
Success Response
{}
Error Responses
Required argument is missing
HTTP status code 400
{
"error_code": "null-argument",
"error_msg": "type should be not null"
}
User identifier is not in valid GUID format
HTTP status code 400
{
"error_code": "invalid-param-type",
"error_msg": "guid should be guid type."
}
User is not found
HTTP status code 500
{
"error_code": "illegal-state",
"error_msg": "user-not-found"
}
Unsupported MFA type
HTTP status code 500
{
"error_code": "illegal-state",
"error_msg": "not-support-mfa-type"
}
MFA is not enabled
HTTP status code 500. The target user must have MFA enabled before the MFA type can be changed.
{
"error_code": "illegal-state",
"error_msg": "mfa-not-enabled"
}
Apply to a user with higher privileges
HTTP status code 500
{
"error_code": "illegal-state",
"error_msg": "no-permission"
}