# post\_mfa\_setup `POST /mfa/setup` *Setup MFA Method* Initialize the setup process for a multi-factor authentication method. This endpoint prepares the MFA setup and returns the necessary configuration data. #### TypeScript Client Library ```typescript // Note: This endpoint doesn't have a direct client method in the provided TypeScript client // You would need to use the generic makeRequest method: // this.makeRequest('mfa/setup', 'POST', { // mfaType: 'GOOGLE_AUTH', // email: 'user@example.com', // deviceInfo: { name: 'iPhone 12', type: 'mobile' } // }); ``` #### Code Samples {% tabs %} {% tab title="Shell" %} ```shell # You can also use wget curl -X POST https://backend.flashback.tech/mfa/setup \ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ -H 'Authorization: Bearer {access-token}' \ -d '{ "mfaType": "GOOGLE_AUTH", "email": "user@example.com", "deviceInfo": { "name": "iPhone 12", "type": "mobile" } }' ``` {% endtab %} {% tab title="HTTP" %} ```http POST https://backend.flashback.tech/mfa/setup HTTP/1.1 Host: localhost:3000 Content-Type: application/json Accept: application/json Authorization: Bearer {access-token} { "mfaType": "GOOGLE_AUTH", "email": "user@example.com", "deviceInfo": { "name": "iPhone 12", "type": "mobile" } } ``` {% endtab %} {% tab title="JavaScript" %} ```javascript const inputBody = '{ "mfaType": "GOOGLE_AUTH", "email": "user@example.com", "deviceInfo": { "name": "iPhone 12", "type": "mobile" } }'; const headers = { 'Content-Type':'application/json', 'Accept':'application/json', 'Authorization':'Bearer {access-token}' }; fetch('https://backend.flashback.tech/mfa/setup', { method: 'POST', body: inputBody, headers: headers }) .then(function(res) { return res.json(); }).then(function(body) { console.log(body); }); ``` {% endtab %} {% tab title="Ruby" %} ```ruby require 'rest-client' require 'json' headers = { 'Content-Type' => 'application/json', 'Accept' => 'application/json', 'Authorization' => 'Bearer {access-token}' } result = RestClient.post 'https://backend.flashback.tech/mfa/setup', params: { }, headers: headers p JSON.parse(result) ``` {% endtab %} {% tab title="Python" %} ```python import requests headers = { 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {access-token}' } r = requests.post('https://backend.flashback.tech/mfa/setup', headers = headers) print(r.json()) ``` {% endtab %} {% tab title="PHP" %} ```php 'application/json', 'Accept' => 'application/json', 'Authorization' => 'Bearer {access-token}', ); $client = new \GuzzleHttp\Client(); // Define array of request body. $request_body = array( 'mfaType' => 'GOOGLE_AUTH', 'email' => 'user@example.com', 'deviceInfo' => array( 'name' => 'iPhone 12', 'type' => 'mobile' ) ); try { $response = $client->request('POST','https://backend.flashback.tech/mfa/setup', array( 'headers' => $headers, 'json' => $request_body, ) ); print_r($response->getBody()->getContents()); } catch (\GuzzleHttp\Exception\BadResponseException $e) { // handle exception or api errors. print_r($e->getMessage()); } // ... ``` {% endtab %} {% tab title="Java" %} ```java URL obj = new URL("https://backend.flashback.tech/mfa/setup"); HttpURLConnection con = (HttpURLConnection) obj.openConnection(); con.setRequestMethod("POST"); con.setRequestProperty("Content-Type", "application/json"); con.setRequestProperty("Accept", "application/json"); con.setRequestProperty("Authorization", "Bearer {access-token}"); con.setDoOutput(true); String jsonInputString = "{\"mfaType\":\"GOOGLE_AUTH\",\"email\":\"user@example.com\",\"deviceInfo\":{\"name\":\"iPhone 12\",\"type\":\"mobile\"}}"; try(OutputStream os = con.getOutputStream()) { byte[] input = jsonInputString.getBytes("utf-8"); os.write(input, 0, input.length); } int responseCode = con.getResponseCode(); BufferedReader in = new BufferedReader( new InputStreamReader(con.getInputStream())); String inputLine; StringBuffer response = new StringBuffer(); while ((inputLine = in.readLine()) != null) { response.append(inputLine); } in.close(); System.out.println(response.toString()); ``` {% endtab %} {% tab title="Go" %} ```go package main import ( "bytes" "net/http" ) func main() { headers := map[string][]string{ "Content-Type": []string{"application/json"}, "Accept": []string{"application/json"}, "Authorization": []string{"Bearer {access-token}"}, } data := bytes.NewBuffer([]byte{`{"mfaType":"GOOGLE_AUTH","email":"user@example.com","deviceInfo":{"name":"iPhone 12","type":"mobile"}}`}) req, err := http.NewRequest("POST", "https://backend.flashback.tech/mfa/setup", data) req.Header = headers client := &http.Client{} resp, err := client.Do(req) // ... } ``` {% endtab %} {% endtabs %} #### Request Body | Name | Type | Required | Description | | ---------- | ------ | -------- | ---------------------------------------- | | mfaType | string | true | Type of MFA method to setup | | email | string | false | Email address (required for magic links) | | deviceInfo | object | false | Device information for passkeys | > Body parameter ```json { "mfaType": "GOOGLE_AUTH", "email": "user@example.com", "deviceInfo": { "name": "iPhone 12", "type": "mobile" } } ``` > Example responses > 200 Response ```json { "success": true, "data": { "secret": "JBSWY3DPEHPK3PXP", "qrCode": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...", "backupCodes": ["123456", "789012", "345678"] } } ``` > 400 Response ```json { "success": false, "error": "Invalid MFA type specified" } ``` > 500 Response ```json { "success": false, "error": "Failed to setup MFA" } ``` #### Responses | Status | Meaning | Description | Schema | | ------ | -------------------------------------------------------------------------- | -------------------------------- | ------ | | 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | MFA setup initiated successfully | Inline | | 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | Invalid request parameters | Inline | | 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | Internal server error | Inline | #### Response Schema Status Code **200** | Name | Type | Required | Restrictions | Description | | --------- | ------- | -------- | ------------ | --------------------------------------- | | » success | boolean | false | none | Indicates if the request was successful | | » data | object | false | none | MFA setup configuration data | Status Code **400** | Name | Type | Required | Restrictions | Description | | --------- | ------- | -------- | ------------ | --------------------------------------------- | | » success | boolean | false | none | Indicates if the request was successful | | » error | string | false | none | Error message describing the validation issue | Status Code **500** | Name | Type | Required | Restrictions | Description | | --------- | ------- | -------- | ------------ | --------------------------------------- | | » success | boolean | false | none | Indicates if the request was successful | | » error | string | false | none | Error message describing the issue | **Enumerated Values** | Parameter | Value | Description | | --------- | ------------ | ------------------------------- | | » mfaType | GOOGLE\_AUTH | Google Authenticator TOTP | | » mfaType | MAGIC\_LINK | Magic link email verification | | » mfaType | PASSKEY | WebAuthn passkey authentication | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.flashback.tech/support-reference/platform-api-reference/mfa-multi-factor-authentication/post_mfa_setup.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.