post_mfa_setup

POST /mfa/setup

Setup MFA Method

Initialize the setup process for a multi-factor authentication method. This endpoint prepares the MFA setup and returns the necessary configuration data.

TypeScript Client Library

// Note: This endpoint doesn't have a direct client method in the provided TypeScript client
// You would need to use the generic makeRequest method:
// this.makeRequest<any>('mfa/setup', 'POST', { 
//   mfaType: 'GOOGLE_AUTH', 
//   email: '[email protected]',
//   deviceInfo: { name: 'iPhone 12', type: 'mobile' }
// });

Code Samples

# You can also use wget
curl -X POST https://backend.flashback.tech/mfa/setup \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}' \
  -d '{
    "mfaType": "GOOGLE_AUTH",
    "email": "[email protected]",
    "deviceInfo": {
      "name": "iPhone 12",
      "type": "mobile"
    }
  }'

POST https://backend.flashback.tech/mfa/setup HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: application/json
Authorization: Bearer {access-token}

{
  "mfaType": "GOOGLE_AUTH",
  "email": "[email protected]",
  "deviceInfo": {
    "name": "iPhone 12",
    "type": "mobile"
  }
}

const inputBody = '{
  "mfaType": "GOOGLE_AUTH",
  "email": "[email protected]",
  "deviceInfo": {
    "name": "iPhone 12",
    "type": "mobile"
  }
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('https://backend.flashback.tech/mfa/setup',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://backend.flashback.tech/mfa/setup',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://backend.flashback.tech/mfa/setup', headers = headers)

print(r.json())

<?php

require 'vendor/autoload.php';

$headers = array(
    'Content-Type' => 'application/json',
    'Accept' => 'application/json',
    'Authorization' => 'Bearer {access-token}',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array(
    'mfaType' => 'GOOGLE_AUTH',
    'email' => '[email protected]',
    'deviceInfo' => array(
        'name' => 'iPhone 12',
        'type' => 'mobile'
    )
);

try {
    $response = $client->request('POST','https://backend.flashback.tech/mfa/setup', array(
        'headers' => $headers,
        'json' => $request_body,
       )
    );
    print_r($response->getBody()->getContents());
 }
 catch (\GuzzleHttp\Exception\BadResponseException $e) {
    // handle exception or api errors.
    print_r($e->getMessage());
 }

 // ...

URL obj = new URL("https://backend.flashback.tech/mfa/setup");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
con.setDoOutput(true);

String jsonInputString = "{\"mfaType\":\"GOOGLE_AUTH\",\"email\":\"[email protected]\",\"deviceInfo\":{\"name\":\"iPhone 12\",\"type\":\"mobile\"}}";
try(OutputStream os = con.getOutputStream()) {
    byte[] input = jsonInputString.getBytes("utf-8");
    os.write(input, 0, input.length);           
}

int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{`{"mfaType":"GOOGLE_AUTH","email":"[email protected]","deviceInfo":{"name":"iPhone 12","type":"mobile"}}`})
    req, err := http.NewRequest("POST", "https://backend.flashback.tech/mfa/setup", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Request Body

Name

Type

Required

Description

mfaType

string

true

Type of MFA method to setup

string

false

Email address (required for magic links)

deviceInfo

object

false

Device information for passkeys

Body parameter

{
  "mfaType": "GOOGLE_AUTH",
  "email": "[email protected]",
  "deviceInfo": {
    "name": "iPhone 12",
    "type": "mobile"
  }
}

Example responses

200 Response

{
  "success": true,
  "data": {
    "secret": "JBSWY3DPEHPK3PXP",
    "qrCode": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...",
    "backupCodes": ["123456", "789012", "345678"]
  }
}

400 Response

{
  "success": false,
  "error": "Invalid MFA type specified"
}

500 Response

{
  "success": false,
  "error": "Failed to setup MFA"
}

Responses

Status

Meaning

Description

Schema

200

MFA setup initiated successfully

Inline

400

Bad Request

Invalid request parameters

Inline

500

Internal Server Error

Internal server error

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» data

object

false

none

MFA setup configuration data

Status Code 400

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» error

string

false

none

Error message describing the validation issue

Status Code 500

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» error

string

false

none

Error message describing the issue

Enumerated Values

Parameter

Value

Description

» mfaType

GOOGLE_AUTH

Google Authenticator TOTP

» mfaType

MAGIC_LINK

Magic link email verification

» mfaType

PASSKEY

WebAuthn passkey authentication

Previousget__mfa_methods Nextpost__mfa_verify-status

Last updated 27 days ago

Was this helpful?