Get Enrolled MFA Factors Using the User GUID
get
/mfa/v1/users/{userGUID}/factors
Request
Path Parameters
-
userGUID: string
Unique identifier for User
Header Parameters
-
Authorization: string
Provide a valid OAuth Access Token that has the 'Authenticator Client' or 'MFA Client' scope.
Response
Supported Media Types
- application/json
200 Response
Example Response (application/json)
{
"status":"success",
"userGUID":"cc327268ff4d4e4a9b3e9f676215cfc7",
"factors":[
{
"displayName":"tom's Phone-1",
"factorId":"06f15bf5778544c3ae2236c5fca9d9e8",
"methods":[
"TOTP",
"PUSH"
]
},
{
"displayName":"91******003",
"factorId":"0778f15bf5778544c3ae2236c5fca9d9e8",
"methods":[
"SMS"
]
},
{
"displayName":"91******0123",
"factorId":"0778f15bf5778544c3af21336c5fca9d9e8",
"methods":[
"PHONE_CALL"
]
},
{
"displayName":"91******0143",
"factorId":"0778f15bf5778544c3af21336c523459d9e8",
"methods":[
"SMS",
"PHONE_CALL"
]
},
{
"displayName":"Tom's IPhone 2",
"factorId":"0878f15bf5778544c3ae2236c5fca9d9e8",
"methods":[
"TOTP"
]
},
{
"factorId":"SecurityQuestions",
"methods":[
"SECURITY_QUESTIONS"
]
},
{
"factorId":"BypassCode",
"methods":[
"BYPASSCODE"
]
}
],
"preferredFactorId":"0778f15bf5778544c3ae2236c5fca9d9e8",
"preferredMethod":"SMS"
}Examples
The following example shows how to retrieve a user's enrolled MFA factors by submitting a GET request on the REST resource using cURL. For more information about cURL, see Use cURL.
Since every user is uniquely identified in Oracle Identity Cloud Service using the GUID, the user needs to provide the GUID when getting their enrolled factors. However, a user may not be aware of their GUID. To support such cases, a user can make a request to get their enrolled factors by using a "filter" with the user name. See Get Enrolled MFA Factors.
cURL Command
Note:
There is an Oracle Identity Cloud Service Factor Enrollment Postman collection available. Download the collection and example environment with variables from the idcs-factor-enrollment-api folder within GitHub and import them into a REST client.Note:
The command in this example uses the URL structurehttps://tenant-base-url/resource-path, where
tenant-base-url represents the Identity Service URL, and the resource path represents the Identity Service API. See
Send Requests for the appropriate URL structure to use.
curl
-X GET
-H "Content-Type:application/scim+json"
-H "Authorization: Bearer <Access Token Value>"
https://tenant-base-url/mfa/v1/users/{userGUID}/factors
Example of Response Body
The following example shows the contents of the response body in JSON format:
{
"userGUID": "7b3d902ab05b4214bae6b2924ca6be21",
"status": "success",
"preferredFactorId": "b3e04149d958437b9b801fa70c33ca70",
"preferredMethod": "EMAIL",
"factors": [
{
"displayName": "Tom's Phone-1",
"factorId": "06f15bf5778544c3ae2236c5fca9d9e8",
"methods": [
"TOTP",
"PUSH"
]
},
{
"factorId": "SecurityQuestions",
"methods": [
"SECURITY_QUESTIONS"
]
},
{
"displayName": "155XXXXX555",
"factorId": "83889faeacaf4592a964405f87506fc6",
"methods": [
"SMS"
]
},
{
"displayName": "uxxr1@example.com",
"factorId": "b3e04149d958437b9b801fa70c33ca70",
"methods": [
"EMAIL"
]
},
{
"factorId": "BypassCode",
"methods": [
"BYPASSCODE"
]
}
]
}