Two factor
Two-Factor Authentication plugin endpoints for TOTP, OTP, and backup codes.
/two-factor/get-totp-uri
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
User password
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/get-totp-uri" \ -H "Content-Type: application/json" \ -d '{ "password": "string" }'{
"totpURI": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/verify-totp
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
The otp code to verify
If true, the device will be trusted for 30 days. It'll be refreshed on every sign in request within this time.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/verify-totp" \ -H "Content-Type: application/json" \ -d '{ "code": "string" }'{
"status": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/send-otp
Authorization
bearerAuth Bearer token authentication
In: header
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/send-otp"{
"status": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/verify-otp
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
The otp code to verify
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/verify-otp" \ -H "Content-Type: application/json" \ -d '{ "code": "string" }'{
"token": "string",
"user": {
"id": "string",
"email": "[email protected]",
"emailVerified": true,
"name": "string",
"image": "http://example.com",
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z"
}
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/verify-backup-code
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
If true, the session cookie will not be set.
If true, the device will be trusted for 30 days. It'll be refreshed on every sign in request within this time.
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/verify-backup-code" \ -H "Content-Type: application/json" \ -d '{ "code": "string" }'{
"user": {
"id": "string",
"email": "[email protected]",
"emailVerified": true,
"name": "string",
"image": "http://example.com",
"twoFactorEnabled": true,
"createdAt": "2019-08-24T14:15:22Z",
"updatedAt": "2019-08-24T14:15:22Z"
},
"session": {
"token": "string",
"userId": "string",
"createdAt": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z"
}
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/generate-backup-codes
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/generate-backup-codes" \ -H "Content-Type: application/json" \ -d '{ "password": "string" }'{
"status": true,
"backupCodes": [
"string"
]
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/enable
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
User password
Custom issuer for the TOTP URI
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/enable" \ -H "Content-Type: application/json" \ -d '{ "password": "string" }'{
"totpURI": "string",
"backupCodes": [
"string"
]
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}/two-factor/disable
Authorization
bearerAuth Bearer token authentication
In: header
Request Body
application/json
User password
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X POST "http://localhost:3001/api/auth/two-factor/disable" \ -H "Content-Type: application/json" \ -d '{ "password": "string" }'{
"status": true
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}{
"message": "string"
}