post_mfa_disable

POST /mfa/disable

Disable MFA Method

Disable a previously enabled multi-factor authentication method for the authenticated user. This action may be restricted if MFA is enforced by the organization.

TypeScript Client Library

// Note: This endpoint doesn't have a direct client method in the provided TypeScript client
// You would need to use the generic makeRequest method:
// this.makeRequest<any>('mfa/disable', 'POST', { mfaType: 'GOOGLE_AUTH' });

Code Samples

# You can also use wget
curl -X POST https://backend.flashback.tech/mfa/disable \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}' \
  -d '{
    "mfaType": "GOOGLE_AUTH"
  }'

POST https://backend.flashback.tech/mfa/disable HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: application/json
Authorization: Bearer {access-token}

{
  "mfaType": "GOOGLE_AUTH"
}

const inputBody = '{
  "mfaType": "GOOGLE_AUTH"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('https://backend.flashback.tech/mfa/disable',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://backend.flashback.tech/mfa/disable',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://backend.flashback.tech/mfa/disable', headers = headers)

print(r.json())

<?php

require 'vendor/autoload.php';

$headers = array(
    'Content-Type' => 'application/json',
    'Accept' => 'application/json',
    'Authorization' => 'Bearer {access-token}',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array(
    'mfaType' => 'GOOGLE_AUTH'
);

try {
    $response = $client->request('POST','https://backend.flashback.tech/mfa/disable', array(
        'headers' => $headers,
        'json' => $request_body,
       )
    );
    print_r($response->getBody()->getContents());
 }
 catch (\GuzzleHttp\Exception\BadResponseException $e) {
    // handle exception or api errors.
    print_r($e->getMessage());
 }

 // ...

URL obj = new URL("https://backend.flashback.tech/mfa/disable");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
con.setDoOutput(true);

String jsonInputString = "{\"mfaType\":\"GOOGLE_AUTH\"}";
try(OutputStream os = con.getOutputStream()) {
    byte[] input = jsonInputString.getBytes("utf-8");
    os.write(input, 0, input.length);           
}

int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{`{"mfaType":"GOOGLE_AUTH"}`})
    req, err := http.NewRequest("POST", "https://backend.flashback.tech/mfa/disable", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Request Body

Name

Type

Required

Description

mfaType

string

true

Type of MFA method to disable

Body parameter

{
  "mfaType": "GOOGLE_AUTH"
}

Example responses

200 Response

{
  "success": true,
  "message": "MFA method disabled"
}

403 Response

{
  "success": false,
  "error": "Cannot disable MFA when enforced by organization"
}

500 Response

{
  "success": false,
  "error": "Failed to disable MFA"
}

Responses

Status

Meaning

Description

Schema

200

MFA method disabled successfully

Inline

403

Forbidden

MFA cannot be disabled due to organization policy

Inline

500

Internal Server Error

Internal server error

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» message

string

false

none

Success message confirming the action

Status Code 403

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» error

string

false

none

Error message describing the restriction

Status Code 500

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» error

string

false

none

Error message describing the issue

Enumerated Values

Parameter

Value

Description

» mfaType

GOOGLE_AUTH

Google Authenticator TOTP

» mfaType

MAGIC_LINK

Magic link email verification

» mfaType

PASSKEY

WebAuthn passkey authentication

Previouspost__mfa_magic-link_activate Nextpost__mfa_primary

Last updated 27 days ago

Was this helpful?