Multi-Factor Auth

Request MFA Device Setup

Generates a SecretCode and a QR code. Either can be used for setting up multi-factor authentication (MFA) with an authenticator app.

SecurityapiKeyAuth and bearerAuth
Request
header Parameters
vbasoftware-database
required
string

Target database

Request Body schema:
required
accessToken
string or null

A valid access token issued to the user whose MFA Device you want to set-up.

Responses
200

Success

401

Unauthorized

post/mfa-setup
Request samples
{
  • "accessToken": "string"
}
Response samples
{
  • "data": {
    },
  • "error": {
    },
  • "debug": {
    }
}

Verify an MFA Device Setup

Verifies the registration of a multi-factor authentication (MFA) device for the user by verifying the software token and associating it with the user's account.

SecurityapiKeyAuth and bearerAuth
Request
header Parameters
vbasoftware-database
required
string

Target database

Request Body schema:
required
friendlyDeviceName
string or null

The friendly device name.

accessToken
string or null

The session that should be passed both ways in challenge-response calls to the service.

userCode
string or null

The one-time password computed using the secret code returned by AssociateSoftwareToken.

Responses
200

Success

401

Unauthorized

post/mfa-verify-setup
Request samples
{
  • "friendlyDeviceName": "string",
  • "accessToken": "string",
  • "userCode": "string"
}
Response samples
{
  • "data": {
    },
  • "error": {
    },
  • "debug": {
    }
}

Disable MFA

Disables MFA (Multi-Factor Authentication) for a specified user. If a MFA software token has previously been registered, it is not destroyed, just disabled.

SecurityapiKeyAuth and bearerAuth
Request
header Parameters
vbasoftware-database
required
string

Target database

Request Body schema:
required
user_ID
required
string non-empty

The unique identifier of the user whose MFA settings are to be disabled.

Responses
200

Success

401

Unauthorized

post/mfa-disable
Request samples
{
  • "user_ID": "string"
}
Response samples
{
  • "data": "string",
  • "error": {
    },
  • "debug": {
    }
}

Enable MFA

Enables MFA (Multi-Factor Authentication) for a specified user. If an MFA software token has previously been registered, it will be re-enabled.

SecurityapiKeyAuth and bearerAuth
Request
header Parameters
vbasoftware-database
required
string

Target database

Request Body schema:
required
user_ID
required
string non-empty

The unique identifier of the user whose MFA settings are to be enabled.

Responses
200

Success

401

Unauthorized

post/mfa-enable
Request samples
{
  • "user_ID": "string"
}
Response samples
{
  • "data": "string",
  • "error": {
    },
  • "debug": {
    }
}

Enable MFA for all Users

Enables MFA (Multi-Factor Authentication) for all users in the organization. If an MFA software token has previously been registered, it will be re-enabled.

SecurityapiKeyAuth and bearerAuth
Request
header Parameters
vbasoftware-database
required
string

Target database

Responses
200

Success

401

Unauthorized

post/mfa-enable-globally
Request samples 
Response samples 
No sample
Disable MFA for all Users
Disables MFA (Multi-Factor Authentication) for all users in the organization.  If an MFA software token has previously been registered, it will be set to inactive.


SecurityapiKeyAuth and bearerAuth 
Request 
header Parameters
vbasoftware-database
required
string
Target database


 
Responses 
200
Success


401
Unauthorized


post/mfa-disable-globally
Request samples 
Response samples 
No sample
Get Current MFA Status
Fetches the current multi-factor authentication (MFA) status for the logged-in user.


SecurityapiKeyAuth and bearerAuth 
Request 
header Parameters
vbasoftware-database
required
string
Target database


 
Responses 
200
Success


401
Unauthorized


get/mfa-status
Request samples 
Response samples 
No sample