Enables or disables multi-factor authentication (MFA) for users in a directory.
Usage notes
If a CloudSSO administrator enables username-password logon for users, CloudSSO automatically enables MFA to improve security. The administrator can call this operation to enable or disable MFA based on the business requirements.
This topic provides an example on how to enable MFA for users.
Limits
You can call this operation up to 100 times per second per account. This operation is globally limited to 100 times per second across all accounts. If the number of the calls per second exceeds a limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limits when you call this operation.
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | SetMFAAuthenticationStatus |
The operation that you want to perform. Set the value to SetMFAAuthenticationStatus. |
| DirectoryId | String | Yes | d-00fc2p61**** |
The ID of the directory. |
| MFAAuthenticationStatus | String | No | Enabled |
The status of MFA. Valid values:
|
For more information about common request parameters, see Common parameters.
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| RequestId | String | 14E2B1A9-7713-5E6F-8409-8DE12DF51AF4 |
The ID of the request. |
Examples
Sample requests
https://[Endpoint]/?Action=SetMFAAuthenticationStatus
&DirectoryId=d-00fc2p61****
&MFAAuthenticationStatus=Enabled
&<Common request parameters>Sample success responses
XML format
HTTP/1.1 200 OK
Content-Type:application/xml
<SetMFAAuthenticationStatusResponse>
<RequestId>14E2B1A9-7713-5E6F-8409-8DE12DF51AF4</RequestId>
</SetMFAAuthenticationStatusResponse>JSON format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "14E2B1A9-7713-5E6F-8409-8DE12DF51AF4"
}Error codes
For a list of error codes, visit the API Error Center.