Remind all members without 2FA to enrol
POST/api/v1/organizations/current/mfa-reminders
Send an in-app 2FA-enrolment reminder to every member without 2FA.
Admin/owner only — the same audience as the 2FA dashboard. The reminder is
an in-app alert notification linking back to settings; we never email a
code or any secret. The bulk send is rate-limited (5 / hour / IP) so it
can't be used to spam members. One org_mfa_reminders_sent audit event
records who triggered the run and how many members were notified.
- API-key scope required:
members:read.
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 422
- 429
- 500
Successful Response
Bad request — malformed input or failed validation.
Missing, expired, or invalid credentials.
Authenticated but not authorized for this resource. Note: cross-organization reads return 404, not 403.
Resource not found, or hidden for tenant-enumeration safety (the caller lacks permission to know whether the resource exists).
Conflict — the current resource state does not allow this operation (e.g. assessment already started, email already in use).
Semantic validation failure — request shape was valid but contents were not.
Too many requests — rate limited. Retry after the window resets.
Internal server error — unexpected failure.