Two-factor authentication
Use these methods to check whether two-factor authentication (2FA) is enabled or disabled for a specific client, disable 2FA if it was previously enabled by a client and get data about 2FA methods.
GET[host]/api/v2/clients/{clientId}/2fa |
|
GET[host]/api/v2/clients/{clientId}/2fa/{type} |
|
PUT[host]/api/v2/clients/{clientId}/2fa/{type} PATCH[host]/api/v2/clients/{clientId}/2fa/{type} |
Use these methods to get the log of 2FA-related changes made to client profiles.
GET[host]/api/v2/clients/{clientId}/2fa/changes |
|
GET[host]/api/v2/clients/{clientId}/2fa/changes/{changeId} |
Check 2FA status
Use this method to check whether 2FA is enabled or disabled for a client.
Request
Header parameters:
Authorization: Bearer <access_token>
Path parameters:
- clientId required
The client identifier.
GET[host]/api/v2/clients/{clientId}/2fa
curl --location --request GET 'https://host.name/api/v2/clients/1/2fa' \
--header 'Authorization: Bearer <token>'
Response
A response contains an array of objects providing the following data about available 2FA methods:
- caption string
The name of a 2FA method.
- isEnabled boolean
If
true
, 2FA with a given method is enabled for a client; otherwise,false
.- name string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationSMS
— codes are delivered to a client phone number via SMS
{
"total": 1,
"data": [
{
"caption": "SMS Confirmation",
"isEnabled": false,
"name": "sms"
},
{
"caption": "Google Authenticator",
"isEnabled": true,
"name": "google"
}
]
}
Get 2FA method details
Use this method to check whether a specific 2FA method is enabled or disabled for a client.
Request
Header parameters:
Authorization: Bearer <access_token>
Path parameters:
- clientId required
The client identifier.
- type required
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
GET[host]/api/v2/clients/{clientId}/2fa/{type}
curl --location --request GET 'https://host.name/api/v2/clients/1/2fa/google' \
--header 'Authorization: Bearer <token>'
Response
A response includes the following data about a specified 2FA method:
- caption string
The name of a 2FA method.
- isEnabled boolean
If
true
, 2FA with a given method is enabled for a client; otherwise,false
.- name string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
{
"caption": "SMS Confirmation",
"isEnabled": false,
"name": "sms"
}
Disable 2FA
Use this method to disable 2FA for a specific client.
Note
Instead of the method described below, you can use a similar method that uses the HTTP verb PATCH.
Request
Header parameters:
Authorization: Bearer <access_token>
Path parameters:
- clientId required
The client identifier.
- type required
The 2FA method that you want to disable for a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
PUT[host]/api/v2/clients/{clientId}/2fa/{type}
curl --location --request PUT 'https://host.name/api/v2/clients/1/2fa/google' \
--header 'Authorization: Bearer <token>'
Response
A response includes the following data about a 2FA method that was disabled:
- caption string
The name of a 2FA method.
- isEnabled boolean
If
true
, 2FA with a given method is enabled for a client; otherwise,false
.- name string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
{
"caption": "Google Authenticator",
"isEnabled": false,
"name": "google"
}
Get 2FA change history
Use this method to obtain the log of 2FA-related changes made for a specific client.
Request
Header parameters:
Authorization: Bearer <access_token>
Query parameters:
The following filter parameters are available for this method:
- isEnabled
If
true
, 2FA is enabled for a client; otherwise,false
.- timeFrom
The start date and time of a period for which you want to get a log of 2FA changes.
- timeTo
The end date and time of a period for which you want to get a log of 2FA changes.
- provider
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
The following sorting parameter is available for this method:
- time
The date and time when changes were made.
Refer to the Query parameters section of the API Overview for details on applying filter and sorting parameters.
Path parameters:
- clientId required
The client identifier.
GET[host]/api/v2/clients/{clientId}/2fa/changes
curl --location -g --request GET 'https://host.name/api/v2/clients/1/2fa/changes?limit=10&offset=0&sort_order=desc&sort_by=time&filter[isEnabled]=true&filter[timeFrom]=2022-12-01T07:23:59%2B00:00&filter[timeTo]=2022-12-01T07:23:59%2B00:00&filter[provider]=sms' \
--header 'Authorization: Bearer <token>'
Response
A response includes an array of objects providing the following data about the 2FA-related changes matching the request parameters:
- id integer
The identifier of a change record.
- provider string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
- isEnabled boolean
If
true
, 2FA with a given method is enabled for a client; otherwise,false
.- time string or null
The date and time when a change was made.
{
"total": 3,
"data": [
{
"id": 1,
"provider": "sms",
"isEnabled": false,
"time": "2022-01-01T00:00:00+00:00"
},
{
"id": 2,
"provider": "sms",
"isEnabled": false,
"time": "2022-01-01T00:00:00+00:00"
}
{
"id": 3,
"provider": "google",
"isEnabled": true,
"time": "2022-01-01T00:00:00+00:00"
}
]
}
Get 2FA change details
Use this method to get detailed information about a specific 2FA change record.
Request
Header parameters:
Authorization: Bearer <access_token>
Path parameters:
- clientId required
The client identifier.
- changeId required
The identifier of a change record.
GET[host]/api/v2/clients/{clientId}/2fa/changes/{changeId}
curl --location --request GET 'https://host.name/api/v2/clients/1/2fa/changes/1?limit=10&offset=0' \
--header 'Authorization: Bearer <token>'
Response
A response includes the following data about a specified 2FA change record:
- id integer
The identifier of a change record.
- provider string
The method used to deliver 2FA codes to a client. Possible values:
google
— codes from the Google Authenticator app are used for confirmationsms
— codes are delivered to a client phone number via SMS
- isEnabled boolean
If
true
, 2FA with a given method is enabled for a client; otherwise,false
.- time string or null
The date and time when a change was made.
{
"id": 1,
"provider": "sms",
"isEnabled": false,
"time": "2022-01-01T00:00:00+00:00"
}