You can call this operation to lock virtual MFA devices that are in the NORMAL state.


After a virtual MFA device is locked, its status changes to LOCKED. The AD user who uses the virtual MFA device is unable to authenticate the device and is therefore unable to log on to the client. You can call the UnlockVirtualMFADevice operation to unlock the device.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes LockVirtualMFADevice

The operation that you want to perform. Set the value to LockVirtualMFADevice.

RegionId String Yes cn-hangzhou

The region ID of the virtual MFA device.

SerialNumber String Yes a25f297f-f2e1-4a44-bbf1-5f48a6e5****

The serial number of the virtual MFA device, which is a unique identifier.

Response parameters

Parameter Type Example Description
RequestId String FB550AAB-FB36-4A91-93F6-F4374AF65403

The ID of the request.


Sample requests
&<Common request parameters>

Sample success responses

XML format


JSON format


Error codes

For a list of error codes, visit the API Error Center.