Enable Email as 2FA Method

POST 
/api/auth/2fa/email/enable

Enable email as 2FA method.

Learn more about email as 2FA method here.

A security alert will be sent to the user's email if this setting is enabled and email is enabled and configured correctly.

Requirements

• The user can authenticate using password. 2FA will not work with OAuth2. The OAuth2 provider will validate the second factor if the user enabled it for the provider.

Note: If email is enabled in your application, email is 2FA method will be enabled by default for every user that registers with a password.

Locale

A locale can be specified for this request. The email will be sent in the specified locale. You can learn more about locale in emails here.

If no locale is specified, the applications default locale will be used. You can learn more about configuring the default locale here.

Tokens

• A valid AccessToken is required.
• A valid StepUpToken is required. This token should match user and session contained in the AccessToken.

Request

Responses

200

Updated user information.

304

The following error codes correspond to this status:

• TWO_FACTOR_METHOD_ALREADY_ENABLED: Two-factor authentication method is already enabled.

400

The following error codes correspond to this status:

• NO_PASSWORD_PROVIDER: The user needs to set a password in to perform this action.

401

The following error codes correspond to this status:

• ACCESS_TOKEN_EXPIRED: Indicates that the access token is expired.
• ACCESS_TOKEN_INVALID: Indicates that the access token cannot be decoded.
• AUTHENTICATION_REQUIRED: User is not authenticated.
• STEP_UP_TOKEN_EXPIRED: Indicates that the step-up token is expired.
• STEP_UP_TOKEN_INVALID: Indicates that the step-up token cannot be decoded.
• STEP_UP_TOKEN_MISSING: Thrown when the step-up token is missing.
• TWO_FACTOR_CODE_EXPIRED: Two-factor code has expired.
• WRONG_TWO_FACTOR_CODE: Wrong two-factor code.

404

The following error codes correspond to this status:

• USER_NOT_FOUND: User not found.

500

The following error codes correspond to this status:

• ACCESS_TOKEN_ALLOWLIST_READING_FAILURE: Represents an exception indicating a failure when reading the allowlist for an access token cache.
• DATABASE_FAILURE: Exception representing a general failure related to database operations.
• DATABASE_ENCRYPTION_FAILURE: Exception representing a general failure related to database encryption operations.
• INVALID_USER_DOCUMENT: A requested user document was stored in an invalid format.
• POST_COMMIT_SIDE_EFFECT_FAILURE: Exception representing a failure to perform a side effect after a successful database operation.
• INVALID_PRINCIPAL_DOCUMENT: A requested principal document was stored in an invalid format.