Two Step Verification v1

Reference for the Two Step Verification v1 endpoints on Roblox.

Base URL: https://twostepverification.roblox.com

Endpoints

Method	Path	Name
`GET`	`/v1/metadata`	`getMetadata`
`POST`	`/v1/users/:userId/challenges/authenticator/verify`	`postUsersUseridChallengesAuthenticatorVerify`
`POST`	`/v1/users/:userId/challenges/cross-device/retract`	`postUsersUseridChallengesCrossDeviceRetract`
`POST`	`/v1/users/:userId/challenges/cross-device/retry`	`postUsersUseridChallengesCrossDeviceRetry`
`POST`	`/v1/users/:userId/challenges/cross-device/verify`	`postUsersUseridChallengesCrossDeviceVerify`
`POST`	`/v1/users/:userId/challenges/email/send-code`	`postUsersUseridChallengesEmailSendCode`
`POST`	`/v1/users/:userId/challenges/email/verify`	`postUsersUseridChallengesEmailVerify`
`POST`	`/v1/users/:userId/challenges/passkey/verify-finish`	`postUsersUseridChallengesPasskeyVerifyFinish`
`POST`	`/v1/users/:userId/challenges/passkey/verify-start`	`postUsersUseridChallengesPasskeyVerifyStart`
`POST`	`/v1/users/:userId/challenges/password/verify`	`postUsersUseridChallengesPasswordVerify`
`POST`	`/v1/users/:userId/challenges/recovery-codes/verify`	`postUsersUseridChallengesRecoveryCodesVerify`
`POST`	`/v1/users/:userId/challenges/security-key/verify-finish`	`postUsersUseridChallengesSecurityKeyVerifyFinish`
`POST`	`/v1/users/:userId/challenges/security-key/verify-start`	`postUsersUseridChallengesSecurityKeyVerifyStart`
`POST`	`/v1/users/:userId/challenges/sms/send-code`	`postUsersUseridChallengesSmsSendCode`
`POST`	`/v1/users/:userId/challenges/sms/verify`	`postUsersUseridChallengesSmsVerify`
`GET`	`/v1/users/:userId/configuration`	`getUsersUseridConfiguration`
`POST`	`/v1/users/:userId/configuration/authenticator/disable`	`postUsersUseridConfigurationAuthenticatorDisable`
`POST`	`/v1/users/:userId/configuration/authenticator/enable`	`postUsersUseridConfigurationAuthenticatorEnable`
`POST`	`/v1/users/:userId/configuration/authenticator/enable-verify`	`postUsersUseridConfigurationAuthenticatorEnableVerify`
`POST`	`/v1/users/:userId/configuration/email/disable`	`postUsersUseridConfigurationEmailDisable`
`POST`	`/v1/users/:userId/configuration/email/enable`	`postUsersUseridConfigurationEmailEnable`
`POST`	`/v1/users/:userId/configuration/security-key/disable`	`postUsersUseridConfigurationSecurityKeyDisable`
`POST`	`/v1/users/:userId/configuration/security-key/enable`	`postUsersUseridConfigurationSecurityKeyEnable`
`POST`	`/v1/users/:userId/configuration/security-key/enable-verify`	`postUsersUseridConfigurationSecurityKeyEnableVerify`
`POST`	`/v1/users/:userId/configuration/security-key/list`	`postUsersUseridConfigurationSecurityKeyList`
`POST`	`/v1/users/:userId/configuration/sms/disable`	`postUsersUseridConfigurationSmsDisable`
`POST`	`/v1/users/:userId/configuration/sms/enable`	`postUsersUseridConfigurationSmsEnable`
`GET`	`/v1/users/:userId/recovery-codes`	`getUsersUseridRecoveryCodes`
`POST`	`/v1/users/:userId/recovery-codes/clear`	`postUsersUseridRecoveryCodesClear`
`POST`	`/v1/users/:userId/recovery-codes/regenerate`	`postUsersUseridRecoveryCodesRegenerate`

`getMetadata`

GET /v1/metadata

Gets two step verification system metadata.

Usage

import { fetchApi } from 'rozod';
import { getMetadata } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(getMetadata, {
  userId: /* integer? */,
  challengeId: /* string? */
});

Parameters

Name	Type	Required	Description
`userId`	`integer?`	No	The user ID.
`challengeId`	`string?`	No	The active two step verification challenge ID if there is one.

Response

Field	Type	Description
`twoStepVerificationEnabled`	`boolean`
`authenticatorQrCodeSize`	`string`
`emailCodeLength`	`number`
`authenticatorCodeLength`	`number`
`authenticatorHelpSiteAddress`	`string`
`isPasswordRequiredForEnablingAuthenticator`	`boolean`
`isPasswordRequiredForEnablingEmailTwoStepVerification`	`boolean`
`isUsingTwoStepWebviewComponent`	`boolean`
`isTwoStepEnabledRequiredForEmailPasswordRequirement`	`boolean`
`isTwoStepEnabledRequiredForAuthenticatorPasswordRequirement`	`boolean`
`isSingleMethodEnforcementEnabled`	`boolean`
`isSmsTwoStepVerificationAvailable`	`boolean`
`isSecurityKeyTwoStepVerificationAvailable`	`boolean`
`isAuthenticatorWithVerifiedPhoneEnabled`	`boolean`
`isPasswordRequiredForEnablingSecurityKey`	`boolean`
`isPasswordRequiredForEnablingSms2SV`	`boolean`
`isPasswordRequiredForChangingRecoveryCodes`	`boolean`
`isPasswordRequiredForDisablingAuthenticator`	`boolean`
`isPasswordRequiredForDisablingEmailTwoStepVerification`	`boolean`
`isPasswordRequiredForDisablingSms2SV`	`boolean`
`isRecoveryCodeGenerationForAuthenticatorSetupEnabled`	`boolean`
`isSecurityKeyOnAllPlatformsEnabled`	`boolean`
`receiveWarningsOnDisableTwoStep`	`boolean`
`isAndroidSecurityKeyEnabled`	`boolean`
`isSettingsTabRedesignEnabled`	`boolean`
`twoStepCopyTextEnrollmentStatus`	`number`
`isEppUIEnabled`	`boolean`
`isEppRecoveryCodesEnabled`	`boolean`
`maskedUserEmail`	`string`
`isUserU13`	`boolean`
`isDelayedUiEnabled`	`boolean`
`is2svRecoveryEnabled`	`boolean`

`postUsersUseridChallengesAuthenticatorVerify`

POST /v1/users/:userId/challenges/authenticator/verify

Verifies a two step verification challenge code via authenticator app.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesAuthenticatorVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesAuthenticatorVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid. 10: The two step verification challenge code is invalid.
403	0: Token Validation Failed
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesCrossDeviceRetract`

POST /v1/users/:userId/challenges/cross-device/retract

Reverts a user’s dialog state from ACTIVE to PENDING.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesCrossDeviceRetract } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesCrossDeviceRetract, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Type: unknown

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid.
403	0: Token Validation Failed 19: Challenge denied.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesCrossDeviceRetry`

POST /v1/users/:userId/challenges/cross-device/retry

Retry a Cross Device two step verification approval.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesCrossDeviceRetry } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesCrossDeviceRetry, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Type: unknown

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid.
403	0: Token Validation Failed 19: Challenge denied.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesCrossDeviceVerify`

POST /v1/users/:userId/challenges/cross-device/verify

Verifies a two step verification approval via Cross Device. Cross Device approval does not use a verification code.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesCrossDeviceVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesCrossDeviceVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	0: An unknown error occurred with the request. 1: Invalid challenge ID. 2: The user ID is invalid.
403	0: Token Validation Failed 19: Challenge denied.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesEmailSendCode`

POST /v1/users/:userId/challenges/email/send-code

Sends a two step verification challenge code via email.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesEmailSendCode } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesEmailSendCode, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Type: unknown

Errors

Status	Description
400	1: Invalid challenge ID.
403	0: Token Validation Failed 2: The user ID is invalid.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesEmailVerify`

POST /v1/users/:userId/challenges/email/verify

Verifies a two step verification challenge with a code sent via email.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesEmailVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesEmailVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 10: The two step verification challenge code is invalid.
403	0: Token Validation Failed 2: The user ID is invalid.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesPasskeyVerifyFinish`

POST /v1/users/:userId/challenges/passkey/verify-finish

Validates the assertion data returned by the passkey.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesPasskeyVerifyFinish } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesPasskeyVerifyFinish, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid. 10: The two step verification challenge code is invalid.
403	0: Token Validation Failed
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesPasskeyVerifyStart`

POST /v1/users/:userId/challenges/passkey/verify-start

Provides a challenge for the passkey to authenticate.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesPasskeyVerifyStart } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesPasskeyVerifyStart, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Field	Type	Description
`authenticationOptions`	`string`
`sessionId`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid.
403	0: Token Validation Failed 8: The user is not allowed to perform the requested action.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesPasswordVerify`

POST /v1/users/:userId/challenges/password/verify

Verifies a two step verification challenge with a password (code).

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesPasswordVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesPasswordVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 4: The password is invalid.
403	0: Token Validation Failed 2: The user ID is invalid.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesRecoveryCodesVerify`

POST /v1/users/:userId/challenges/recovery-codes/verify

Verifies a two step verification challenge via a recovery code.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesRecoveryCodesVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesRecoveryCodesVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid. 10: The two step verification challenge code is invalid.
403	0: Token Validation Failed
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesSecurityKeyVerifyFinish`

POST /v1/users/:userId/challenges/security-key/verify-finish

Validates the assertion data returned by the security key.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesSecurityKeyVerifyFinish } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesSecurityKeyVerifyFinish, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid. 10: The two step verification challenge code is invalid.
403	0: Token Validation Failed
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesSecurityKeyVerifyStart`

POST /v1/users/:userId/challenges/security-key/verify-start

Provides a challenge for the security key to authenticate.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesSecurityKeyVerifyStart } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesSecurityKeyVerifyStart, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Field	Type	Description
`authenticationOptions`	`string`
`sessionId`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid.
403	0: Token Validation Failed 8: The user is not allowed to perform the requested action.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesSmsSendCode`

POST /v1/users/:userId/challenges/sms/send-code

Sends a two step verification code via SMS for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesSmsSendCode } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesSmsSendCode, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"

Response

Type: unknown

Errors

Status	Description
400	1: Invalid challenge ID.
403	0: Token Validation Failed 2: The user ID is invalid.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridChallengesSmsVerify`

POST /v1/users/:userId/challenges/sms/verify

Verifies a two step verification challenge with a code sent via SMS.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridChallengesSmsVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridChallengesSmsVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`challengeId`	`string`
`actionType`	`“Unknown"	"Login"
`code`	`string`

Response

Field	Type	Description
`verificationToken`	`string`

Errors

Status	Description
400	1: Invalid challenge ID. 2: The user ID is invalid. 10: The two step verification challenge code is invalid.
403	0: Token Validation Failed
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`getUsersUseridConfiguration`

GET /v1/users/:userId/configuration

Gets two step verification configuration for the specified user.

Usage

import { fetchApi } from 'rozod';
import { getUsersUseridConfiguration } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(getUsersUseridConfiguration, {
  userId: /* integer */,
  challengeId: /* string? */
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The Id of the user to get the configuration for.
`challengeId`	`string?`	No	The active challenge for the user (as an alternative when the user is unauthenticated).

Response

Field	Type	Description
`primaryMediaType`	`0	1
`methods`	`object[]`	See below

methods[] item fields:

Field	Type	Description
`mediaType`	`“Email"	"SMS"
`enabled`	`boolean`
`updated`	`string`

Errors

Status	Description
400	1: Invalid challenge ID.
403	2: The user ID is invalid.

`postUsersUseridConfigurationAuthenticatorDisable`

POST /v1/users/:userId/configuration/authenticator/disable

Disables two step verification via authenticator for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationAuthenticatorDisable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationAuthenticatorDisable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`reauthenticationToken`	`string`

Response

Type: unknown

Errors

Status	Description
400	2: The user ID is invalid. 4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 8: The user is not allowed to perform the requested action.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationAuthenticatorEnable`

POST /v1/users/:userId/configuration/authenticator/enable

Initiates enabling authenticator-based two step verification for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationAuthenticatorEnable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationAuthenticatorEnable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`secureAuthenticationIntent`	`object`	See below

secureAuthenticationIntent fields:

Field	Type	Description
`clientPublicKey`	`string`
`clientEpochTimestamp`	`number`
`saiSignature`	`string`
`serverNonce`	`string`

Response

Field	Type	Description
`setupToken`	`string`
`qrCodeImageUrl`	`string`
`manualEntryKey`	`string`

Errors

Status	Description
400	2: The user ID is invalid. 3: The email is invalid. 4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 11: The two step verification configuration is already enabled.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationAuthenticatorEnableVerify`

POST /v1/users/:userId/configuration/authenticator/enable-verify

Finishes enabling authenticator-based two step verification for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationAuthenticatorEnableVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationAuthenticatorEnableVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`setupToken`	`string`
`code`	`string`
`password`	`string`
`secureAuthenticationIntent`	`object`	See below

secureAuthenticationIntent fields:

Field	Type	Description
`clientPublicKey`	`string`
`clientEpochTimestamp`	`number`
`saiSignature`	`string`
`serverNonce`	`string`

Response

Field	Type	Description
`recoveryCodes`	`string[]`

Errors

Status	Description
400	2: The user ID is invalid. 4: The password is invalid. 10: The two step verification challenge code is invalid. 12: Invalid setup token.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 11: The two step verification configuration is already enabled.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationEmailDisable`

POST /v1/users/:userId/configuration/email/disable

Disables two step verification via email for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationEmailDisable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationEmailDisable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`reauthenticationToken`	`string`

Response

Type: unknown

Errors

Status	Description
400	4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 2: The user ID is invalid. 8: The user is not allowed to perform the requested action.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationEmailEnable`

POST /v1/users/:userId/configuration/email/enable

Enables two step verification via email for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationEmailEnable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationEmailEnable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`secureAuthenticationIntent`	`object`	See below

secureAuthenticationIntent fields:

Field	Type	Description
`clientPublicKey`	`string`
`clientEpochTimestamp`	`number`
`saiSignature`	`string`
`serverNonce`	`string`

Response

Type: unknown

Errors

Status	Description
400	3: The email is invalid. 4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 2: The user ID is invalid.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationSecurityKeyDisable`

POST /v1/users/:userId/configuration/security-key/disable

Disables a batch of credentials for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationSecurityKeyDisable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationSecurityKeyDisable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`credentialNicknames`	`string[]`

Response

Type: unknown

Errors

Status	Description
400	4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 8: The user is not allowed to perform the requested action.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationSecurityKeyEnable`

POST /v1/users/:userId/configuration/security-key/enable

Initiates security key registration by providing credential creation options.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationSecurityKeyEnable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationSecurityKeyEnable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`secureAuthenticationIntent`	`object`	See below

secureAuthenticationIntent fields:

Field	Type	Description
`clientPublicKey`	`string`
`clientEpochTimestamp`	`number`
`saiSignature`	`string`
`serverNonce`	`string`

Response

Field	Type	Description
`creationOptions`	`string`
`sessionId`	`string`

Errors

Status	Description
400	2: The user ID is invalid. 4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 9: The two step verification configuration is invalid for this action. 16: Reached limit of security keys registered.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationSecurityKeyEnableVerify`

POST /v1/users/:userId/configuration/security-key/enable-verify

Finishes security key registration and stores credential. Enables security key as a 2sv media type if it is a user’s first key.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationSecurityKeyEnableVerify } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationSecurityKeyEnableVerify, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`sessionId`	`string`
`credentialNickname`	`string`
`attestationResponse`	`string`

Response

Type: unknown

Errors

Status	Description
400	2: The user ID is invalid. 17: Invalid security key nickname.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 17: Invalid security key nickname.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationSecurityKeyList`

POST /v1/users/:userId/configuration/security-key/list

List a user’s registered security keys.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationSecurityKeyList } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationSecurityKeyList, {
  userId: /* integer */
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Response

Field	Type	Description
`credentials`	`object[]`	See below

credentials[] item fields:

Field	Type	Description
`nickname`	`string`

Errors

Status	Description
400	2: The user ID is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationSmsDisable`

POST /v1/users/:userId/configuration/sms/disable

Disables two step verification via SMS for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationSmsDisable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationSmsDisable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`reauthenticationToken`	`string`

Response

Type: unknown

Errors

Status	Description
400	4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 2: The user ID is invalid. 8: The user is not allowed to perform the requested action.
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridConfigurationSmsEnable`

POST /v1/users/:userId/configuration/sms/enable

Enables two step verification via SMS for the specified user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridConfigurationSmsEnable } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridConfigurationSmsEnable, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`
`secureAuthenticationIntent`	`object`	See below

secureAuthenticationIntent fields:

Field	Type	Description
`clientPublicKey`	`string`
`clientEpochTimestamp`	`number`
`saiSignature`	`string`
`serverNonce`	`string`

Response

Type: unknown

Errors

Status	Description
400	4: The password is invalid. 15: The phone number is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed 2: The user ID is invalid.
503	7: Two step verification is currently under maintenance. 8: The user is not allowed to perform the requested action.

`getUsersUseridRecoveryCodes`

GET /v1/users/:userId/recovery-codes

Gets the current status of recovery codes for a user.

Usage

import { fetchApi } from 'rozod';
import { getUsersUseridRecoveryCodes } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(getUsersUseridRecoveryCodes, {
  userId: /* integer */
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Response

Field	Type	Description
`activeCount`	`number`
`created`	`string`

Errors

Status	Description
400	2: The user ID is invalid.
401	0: Authorization has been denied for this request.
503	7: Two step verification is currently under maintenance.

`postUsersUseridRecoveryCodesClear`

POST /v1/users/:userId/recovery-codes/clear

Clears any existing recovery codes for the user.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridRecoveryCodesClear } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridRecoveryCodesClear, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID.

Request Body

Field	Type	Description
`password`	`string`

Response

Type: unknown

Errors

Status	Description
400	2: The user ID is invalid. 4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.

`postUsersUseridRecoveryCodesRegenerate`

POST /v1/users/:userId/recovery-codes/regenerate

Clears any existing recovery codes and generates a new batch of recovery codes.

Usage

import { fetchApi } from 'rozod';
import { postUsersUseridRecoveryCodesRegenerate } from 'rozod/lib/endpoints/twostepverificationv1';

const data = await fetchApi(postUsersUseridRecoveryCodesRegenerate, {
  userId: /* integer */,
  body: { /* ... */ }
});

Parameters

Name	Type	Required	Description
`userId`	`integer`	Yes	The user ID to generate recovery codes for.

Request Body

Field	Type	Description
`password`	`string`

Response

Field	Type	Description
`recoveryCodes`	`string[]`

Errors

Status	Description
400	2: The user ID is invalid. 4: The password is invalid.
401	0: Authorization has been denied for this request.
403	0: Token Validation Failed
429	5: Too many requests.
503	7: Two step verification is currently under maintenance.