See api-docs Menu

Verify MFA Token

Early Preview

This API is in early preview and may be subject to change.

Use this API to verify a MFA token that has been sent to a user as a result of the Validate a User request.







Resource URL

https://<api-domain>/api/2/smart-mfa/verify

Header Parameters

Authorization

required

string

Set to bearer:<access_token>.

Set <access_token> to the access token you generated using the Generate Token API.

The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using any one of the following scopes: Authentication Only, Read Users, Manage users, Read All, or Manage All.

Content-Type

required

string

Set to application/json.

Request Parameters

state_token

required

string

The state_token value returned from the Validate a User endpoint.

otp_token

required

string

The MFA token that was sent to the user via Email or SMS using the Validate a User endpoint

Sample Request Body

{
  "state_token": "7eca471e256fffa4d8760dcf893f134279652ab1",
    "otp_token": "817252"
}

Sample Response

OK
{
    "name": "BadRequestError",
    "message": "State token is invalid or expired"
}

Invalid otp_token

{
  "name": "Unauthorized",
  "message": "Failed authentication with this factor"
}

Invalid API access token

{
  "name": "UnauthorizedError",
  "message": "The request requires user authentication."
}

Sample Code

cURL

curl -XPOST 'https://api.us.onelogin.com/api/2/smart-mfa/verify' \
  -H 'Authorization: Bearer xxxxxxxxxxxxx' \
  -H 'Content-Type: application/json' \
  -d '{
    "state_token": "xxx-xxx-xxx",
      "otp_token": "810455"
}'

Postman Collection

Replace sample variables indicated by {{ }} with your actual values.

Download for the Smart MFA API


Have a Question?

Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.