Xsolla-logo

Update user’s two-factor authentication settings

post/users/me/mfa

Updates user’s two-factor authentication settings. The user must confirm the changes by entering a one-time code.

The workflow of using this call:

  1. The user enables or disables two-factor authentication.
  2. The application sends the request to the Xsolla Login server.
  3. The Xsolla Login server sends the one-time confirmation code to the user and returns the URL of the two-factor authentication page.
  4. The application redirects the user to the URL.
  5. The user enters the one-time code.
  6. New two-factor authentication settings are applied.

You must enable two-factor authentication for the Login project. Contact your Account Manager to enable it.

SecurityBearer
Request
query Parameters
login_url
string

URL to redirect the user to after account confirmation, successful authentication, two-factor authentication configuration, or password reset confirmation. Must be identical to the Callback URL specified in the URL block of Publisher Account. To find it, go to Login > your Login project > General settings. Required if there are several Callback URLs.

Request Body schema: application/json
mfa_type
required
string

Type of the second factor. Can be: email or sms. You must enable the specified type for the Login project. Contact your Account Manager to set it up.

Enum: "email" "sms"
enabled
boolean
Default: false

Status of two-factor authentication settings. Set true value for enabling, and false value otherwise.

locale
string

Region in the <language code>_<country code> format, where:

Responses
200

OK

401

Unauthorized

422

Unprocessable Entity

429

Too Many Requests

Request samples
application/json
{
  • "enabled": true,
  • "mfa_type": "email"
}