GET /auth/mfa/status
Get MFA status for the current user

Responses

200: MfaStatusResponseDto
| Field | Type | Required | Description |
|---|---|---|---|
| isEnabled | boolean | required | Whether MFA is currently enabled for the user. Example: `true` |
| verifiedMethods | (`"email"` \| `"sms"` \| `"totp"`)[] | required | MFA methods the user has verified and can currently use (includes email/SMS if configured, and TOTP if the user has a verified device). Example: `["email","totp"]` |
| configuredMethods | (`"email"` \| `"sms"` \| `"totp"`)[] | required | All MFA methods configured and available in the application (methods the user can potentially set up). Example: `["email","totp","sms"]` |
| allowUserToggle | boolean | required | Indicates whether MFA toggling is allowed for the user. Example: `true` |
| allowMethodSelection | boolean | required | Indicates whether users can choose their preferred MFA method. Example: `true` |
| totpDevices | object[] | required | Registered TOTP devices for the user |
| hasRecoveryCode | boolean | required | Whether a recovery code has been generated for the user. Example: `false` |
| required | boolean | required | Whether MFA is required for all users. If `true`, users cannot disable MFA even if `allowUserToggle` is `true`. Example: `false` |
| canToggle | boolean | required | Whether the user can toggle MFA. This is `false` if MFA is required (`required=true`) even if `allowUserToggle` is `true`. Example: `true` |
Example response

```json
{
  "isEnabled": true,
  "verifiedMethods": [
    "email",
    "totp"
  ],
  "configuredMethods": [
    "email",
    "totp",
    "sms"
  ],
  "allowUserToggle": true,
  "allowMethodSelection": true,
  "totpDevices": [
    {
      "id": "4b3c9c9c-9a9d-4d1e-8d9f-123456789abc",
      "deviceName": "Work laptop",
      "method": "totp",
      "lastUsedAt": "2024-05-20T12:34:56.000Z",
      "verified": true,
      "createdAt": "2024-05-18T10:15:00.000Z"
    }
  ],
  "hasRecoveryCode": false,
  "required": false,
  "canToggle": true
}
```

Try it

```bash
curl -X GET 'https://api.example.com/auth/mfa/status' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN'
```
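The field descriptions above fix several relationships between fields: `canToggle` must be false whenever `required` is true, a verified method must also be a configured one, and `totp` appears in `verifiedMethods` exactly when the user has a verified device. The following client-side parser is an added example written for this page, not code from the API or any of its SDKs; it embeds the documented example response as constructed sample input, validates the body, checks those invariants, and derives the prompts a client should show (for instance, that MFA is enabled but no recovery code exists). The function and class names are this example's own.

```python
# Added example (not part of the API or its client libraries): parse a
# GET /auth/mfa/status body, check it against the documented field
# semantics, and derive what the client should tell the user.
import json
from dataclasses import dataclass

# The three MFA methods the schema allows.
VALID_METHODS = {"email", "sms", "totp"}

# Constructed sample: the documented example response, embedded so the
# code runs offline without calling the API.
SAMPLE_RESPONSE = json.dumps({
    "isEnabled": True,
    "verifiedMethods": ["email", "totp"],
    "configuredMethods": ["email", "totp", "sms"],
    "allowUserToggle": True,
    "allowMethodSelection": True,
    "totpDevices": [{
        "id": "4b3c9c9c-9a9d-4d1e-8d9f-123456789abc",
        "deviceName": "Work laptop",
        "method": "totp",
        "lastUsedAt": "2024-05-20T12:34:56.000Z",
        "verified": True,
        "createdAt": "2024-05-18T10:15:00.000Z",
    }],
    "hasRecoveryCode": False,
    "required": False,
    "canToggle": True,
})

# Every field of MfaStatusResponseDto is required; map each to its JSON type.
REQUIRED_FIELDS = {
    "isEnabled": bool, "verifiedMethods": list, "configuredMethods": list,
    "allowUserToggle": bool, "allowMethodSelection": bool, "totpDevices": list,
    "hasRecoveryCode": bool, "required": bool, "canToggle": bool,
}


@dataclass
class MfaStatus:
    is_enabled: bool
    verified_methods: list
    configured_methods: list
    allow_user_toggle: bool
    allow_method_selection: bool
    totp_devices: list
    has_recovery_code: bool
    required: bool
    can_toggle: bool


def parse_status(raw: str) -> MfaStatus:
    """Decode the body and reject any missing or mistyped required field."""
    data = json.loads(raw)
    for name, typ in REQUIRED_FIELDS.items():
        if name not in data:
            raise ValueError(f"missing required field {name!r}")
        if not isinstance(data[name], typ):
            raise ValueError(f"field {name!r} must be {typ.__name__}")
    return MfaStatus(
        is_enabled=data["isEnabled"],
        verified_methods=data["verifiedMethods"],
        configured_methods=data["configuredMethods"],
        allow_user_toggle=data["allowUserToggle"],
        allow_method_selection=data["allowMethodSelection"],
        totp_devices=data["totpDevices"],
        has_recovery_code=data["hasRecoveryCode"],
        required=data["required"],
        can_toggle=data["canToggle"],
    )


def check_invariants(status: MfaStatus) -> list:
    """List every way the response contradicts its own documented semantics."""
    problems = []
    for m in status.verified_methods + status.configured_methods:
        if m not in VALID_METHODS:
            problems.append(f"unknown MFA method {m!r}")
    # A method can only be verified if the application has it configured.
    for m in sorted(set(status.verified_methods) - set(status.configured_methods)):
        problems.append(f"verified method {m!r} is not in configuredMethods")
    # TOTP is a verified method exactly when the user has a verified device.
    has_verified_device = any(d.get("verified") is True for d in status.totp_devices)
    if ("totp" in status.verified_methods) != has_verified_device:
        problems.append("totp in verifiedMethods disagrees with totpDevices[].verified")
    # canToggle is false whenever required=true, regardless of allowUserToggle.
    expected_toggle = status.allow_user_toggle and not status.required
    if status.can_toggle != expected_toggle:
        problems.append(
            f"canToggle={status.can_toggle} but allowUserToggle="
            f"{status.allow_user_toggle} and required={status.required} "
            f"imply {expected_toggle}")
    return problems


def user_advice(status: MfaStatus) -> list:
    """Derive the prompts a client should show, using only documented fields."""
    advice = []
    if status.required and not status.is_enabled:
        advice.append("MFA is required by policy: enrol a method before continuing")
    if status.is_enabled and not status.has_recovery_code:
        advice.append("no recovery code exists: generate one to avoid lockout")
    if status.is_enabled and not status.verified_methods:
        advice.append("MFA is enabled but no method is verified: verify one now")
    return advice


if __name__ == "__main__":
    s = parse_status(SAMPLE_RESPONSE)
    print("problems:", check_invariants(s))
    print("advice:", user_advice(s))
```

Treating `canToggle` as authoritative (rather than recomputing it from `allowUserToggle` and `required`) is the safer client behaviour; the invariant check is there to surface server-side inconsistencies in testing, not to override the server's decision at runtime.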