Identity Toolkit API . accounts . mfaEnrollment

Instance Methods

close()

Close httplib2 connections.

finalize(body=None, x__xgafv=None)

Finishes enrolling a second factor for the user.

start(body=None, x__xgafv=None)

Step one of the MFA enrollment process. In SMS case, this sends an SMS verification code to the user.

withdraw(body=None, x__xgafv=None)

Revokes one second factor from the enrolled second factors for an account.

Method Details

close() 
Close httplib2 connections.
finalize(body=None, x__xgafv=None) 
Finishes enrolling a second factor for the user.

Args:
  body: object, The request body.
    The object takes the form of:

{ # Finishes enrolling a second factor for the user.
  "displayName": "A String", # Display name which is entered by users to distinguish between different second factors with same type or different type.
  "idToken": "A String", # Required. ID token.
  "phoneVerificationInfo": { # Phone Verification info for a FinalizeMfa request. # Verification info to authorize sending an SMS for phone verification.
    "androidVerificationProof": "A String", # Android only. Uses for "instant" phone number verification though GmsCore.
    "code": "A String", # User-entered verification code.
    "phoneNumber": "A String", # Required if Android verification proof is presented.
    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
  },
  "tenantId": "A String", # The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.
  "totpVerificationInfo": { # Mfa request info specific to TOTP auth for FinalizeMfa. # Verification information for TOTP.
    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
    "verificationCode": "A String", # User-entered verification code.
  },
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # FinalizeMfaEnrollment response.
  "idToken": "A String", # ID token updated to reflect MFA enrollment.
  "phoneAuthInfo": { # Phone Verification info for a FinalizeMfa response. # Auxiliary auth info specific to phone auth.
    "androidVerificationProof": "A String", # Android only. Long-lived replacement for valid code tied to android device.
    "androidVerificationProofExpireTime": "A String", # Android only. Expiration time of verification proof in seconds.
    "phoneNumber": "A String", # For Android verification proof.
  },
  "refreshToken": "A String", # Refresh token updated to reflect MFA enrollment.
  "totpAuthInfo": { # Mfa response info specific to TOTP auth for FinalizeMfa. # Auxiliary auth info specific to TOTP auth.
  },
}
start(body=None, x__xgafv=None) 
Step one of the MFA enrollment process. In SMS case, this sends an SMS verification code to the user.

Args:
  body: object, The request body.
    The object takes the form of:

{ # Sends MFA enrollment verification SMS for a user.
  "idToken": "A String", # Required. User's ID token.
  "phoneEnrollmentInfo": { # App Verification info for a StartMfa request. # Verification info to authorize sending an SMS for phone verification.
    "autoRetrievalInfo": { # The information required to auto-retrieve an SMS. # Android only. Used by Google Play Services to identify the app for auto-retrieval.
      "appSignatureHash": "A String", # The Android app's signature hash for Google Play Service's SMS Retriever API.
    },
    "captchaResponse": "A String", # The reCAPTCHA Enterprise token provided by the reCAPTCHA client-side integration. Required when reCAPTCHA enterprise is enabled.
    "clientType": "A String", # The client type, web, android or ios. Required when reCAPTCHA Enterprise is enabled.
    "iosReceipt": "A String", # iOS only. Receipt of successful app token validation with APNS.
    "iosSecret": "A String", # iOS only. Secret delivered to iOS app via APNS.
    "phoneNumber": "A String", # Required for enrollment. Phone number to be enrolled as MFA.
    "playIntegrityToken": "A String", # Android only. Used to assert application identity in place of a recaptcha token (or safety net token). A Play Integrity Token can be generated via the [PlayIntegrity API] (https://developer.android.com/google/play/integrity) with applying SHA256 to the `phone_number` field as the nonce.
    "recaptchaToken": "A String", # Web only. Recaptcha solution.
    "recaptchaVersion": "A String", # The reCAPTCHA version of the reCAPTCHA token in the captcha_response. Required when reCAPTCHA Enterprise is enabled.
    "safetyNetToken": "A String", # Android only. Used to assert application identity in place of a recaptcha token. A SafetyNet Token can be generated via the [SafetyNet Android Attestation API](https://developer.android.com/training/safetynet/attestation.html), with the Base64 encoding of the `phone_number` field as the nonce.
  },
  "tenantId": "A String", # The ID of the Identity Platform tenant that the user enrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.
  "totpEnrollmentInfo": { # Mfa request info specific to TOTP auth for StartMfa. # Sign-in info specific to TOTP auth.
  },
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # StartMfaEnrollment response.
  "phoneSessionInfo": { # Phone Verification info for a StartMfa response. # Verification info to authorize sending an SMS for phone verification.
    "sessionInfo": "A String", # An opaque string that represents the enrollment session.
  },
  "totpSessionInfo": { # Mfa response info specific to TOTP auth for StartMfa. # Enrollment response info specific to TOTP auth.
    "finalizeEnrollmentTime": "A String", # The time by which the enrollment must finish.
    "hashingAlgorithm": "A String", # The hashing algorithm used to generate the verification code.
    "periodSec": 42, # Duration in seconds at which the verification code will change.
    "sessionInfo": "A String", # An encoded string that represents the enrollment session.
    "sharedSecretKey": "A String", # A base 32 encoded string that represents the shared TOTP secret. The base 32 encoding is the one specified by [RFC4648#section-6](https://datatracker.ietf.org/doc/html/rfc4648#section-6). (This is the same as the base 32 encoding from [RFC3548#section-5](https://datatracker.ietf.org/doc/html/rfc3548#section-5).)
    "verificationCodeLength": 42, # The length of the verification code that needs to be generated.
  },
}
withdraw(body=None, x__xgafv=None) 
Revokes one second factor from the enrolled second factors for an account.

Args:
  body: object, The request body.
    The object takes the form of:

{ # Withdraws MFA.
  "idToken": "A String", # Required. User's ID token.
  "mfaEnrollmentId": "A String", # Required. MFA enrollment id from a current MFA enrollment.
  "tenantId": "A String", # The ID of the Identity Platform tenant that the user unenrolling MFA belongs to. If not set, the user belongs to the default Identity Platform project.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Withdraws MultiFactorAuth response.
  "idToken": "A String", # ID token updated to reflect removal of the second factor.
  "refreshToken": "A String", # Refresh token updated to reflect removal of the second factor.
}