MFA
Confirm MFA enrollment
Verifies a 6-digit TOTP code against the pending secret, enables MFA, and returns one-time backup codes.
curl -X POST "//api/auth/mfa/enroll/confirm" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_API_TOKEN (API token)" \
-d '{
"code": "example_string"
}'
import requests
import json
url = "//api/auth/mfa/enroll/confirm"
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer YOUR_API_TOKEN (API token)"
}
data = {
"code": "example_string"
}
response = requests.post(url, headers=headers, json=data)
print(response.json())
const response = await fetch("//api/auth/mfa/enroll/confirm", {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": "Bearer YOUR_API_TOKEN (API token)"
},
body: JSON.stringify({
"code": "example_string"
})
});
const data = await response.json();
console.log(data);
package main
import (
"fmt"
"net/http"
"bytes"
"encoding/json"
)
func main() {
data := []byte(`{
"code": "example_string"
}`)
req, err := http.NewRequest("POST", "//api/auth/mfa/enroll/confirm", bytes.NewBuffer(data))
if err != nil {
panic(err)
}
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", "Bearer YOUR_API_TOKEN (API token)")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
fmt.Println("Response Status:", resp.Status)
}
require 'net/http'
require 'json'
uri = URI('//api/auth/mfa/enroll/confirm')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Post.new(uri)
request['Content-Type'] = 'application/json'
request['Authorization'] = 'Bearer YOUR_API_TOKEN (API token)'
request.body = '{
"code": "example_string"
}'
response = http.request(request)
puts response.body
{
"backup_codes": [
"example_string"
]
}
{
"error": "Bad Request",
"message": "The request contains invalid parameters or malformed data",
"code": 400,
"details": [
{
"field": "email",
"message": "Invalid email format"
}
]
}
{
"error": "Unauthorized",
"message": "Authentication required. Please provide a valid API token",
"code": 401
}
{
"error": "Conflict",
"message": "The request conflicts with the current state of the resource",
"code": 409,
"details": "Resource already exists"
}
POST
/api/auth/mfa/enroll/confirm
POST
API Key (cookie: slugbase.sid)
slugbase.sidstring
RequiredSession cookie after login
Session cookie after login
Bearer Token (API token)
Bearer Tokenstring
RequiredBearer token (API token) - just enter the token, "Bearer" prefix will be added automatically
Content-Typestring
RequiredThe media type of the request body
Options: application/json
codestring
Required6-digit TOTP from the authenticator app
Request Preview
Response
Response will appear here after sending the request
Authentication
path
parameterstring
RequiredAPI Key for authentication. Session cookie after login
header
Authorizationstring
RequiredBearer token (API token). Authentication token required.
Body
application/json
codestring
Required6-digit TOTP from the authenticator app
Responses
backup_codesstring[]
RequiredOne-time codes; shown once
Was this page helpful?
Last updated today
Built with Documentation.AI