MFA endpoints and flow expectations for password and OAuth sign-ins.
GET /api/v1/auth/mfa/statusPOST /api/v1/auth/mfa/totp/enroll/startPOST /api/v1/auth/mfa/totp/enroll/verifyPOST /api/v1/auth/mfa/challenge/verifyPOST /api/v1/auth/mfa/backup-codes/regeneratePOST /api/v1/auth/mfa/disableGET /api/v1/auth/mfa/trusted-devicesPOST /api/v1/auth/mfa/trusted-devices/{device_id}/revokePOST /api/v1/auth/mfa/recovery/email/startPOST /api/v1/auth/mfa/recovery/email/verifyMar 24, 2026
Report unclear guidance, stale contracts, missing coverage, or broken docs UI on this page.
Open feedback issueMar 24, 2026
Report unclear guidance, stale contracts, missing coverage, or broken docs UI on this page.
Open feedback issue