Change Preferred 2FA Method

POST /api/auth/2fa/preferred-method

Change the preferred 2FA method.

You can learn more about 2FA methods here.

The user can authenticate using password. 2FA will not work with OAuth2. The OAuth2 provider will validate the second factor if the user enabled it for the provider.
At least one of email or TOTP as 2FA methods should be enabled.

A valid AccessToken is required.
A valid StepUpToken is required. This token should match user and session contained in the AccessToken.

Request

Updated user information.

The following error codes correspond to this status:

NO_PASSWORD_PROVIDER: The user needs to set a password in to perform this action.
2FA_DISABLED: User needs to set up two-factor authentication to complete this action.

The following error codes correspond to this status:

ACCESS_TOKEN_EXPIRED: Indicates that the access token is expired.
ACCESS_TOKEN_INVALID: Indicates that the access token cannot be decoded.
AUTHENTICATION_REQUIRED: User is not authenticated.
STEP_UP_TOKEN_EXPIRED: Indicates that the step-up token is expired.
STEP_UP_TOKEN_INVALID: Indicates that the step-up token cannot be decoded.
STEP_UP_TOKEN_MISSING: Thrown when the step-up token is missing.

The following error codes correspond to this status:

The following error codes correspond to this status:

ACCESS_TOKEN_ALLOWLIST_READING_FAILURE: Represents an exception indicating a failure when reading the allowlist for an access token cache.
DATABASE_FAILURE: Exception representing a general failure related to database operations.
DATABASE_ENCRYPTION_FAILURE: Exception representing a general failure related to database encryption operations.
INVALID_USER_DOCUMENT: A requested user document was stored in an invalid format.
POST_COMMIT_SIDE_EFFECT_FAILURE: Exception representing a failure to perform a side effect after a successful database operation.
INVALID_PRINCIPAL_DOCUMENT: A requested principal document was stored in an invalid format.