Skip to main content

Start 2FA (TOTP) enrolment

POST 

/api/v1/auth/2fa/enable

Start 2FA enrolment and return a QR code and manual entry secret.

The user must confirm enrolment with POST /2fa/verify before 2FA is fully enabled; until then the generated TOTP secret is stored but totp_enabled remains false.

  • 400 if 2FA is already enabled for the caller.

Responses

Successful Response