Add Second Factor (2FA)

POST 
https://$CUSTOM-DOMAIN/management/v1/policies/login/second_factors

Add a new second factor (2FA) to the login settings of the organization. Users will have the possibility to authenticate with the configured factor afterward. Authentication factors are used as an additional factor to add more security to your users (e.g. Authentication App, FingerPrint, Windows Hello, etc). Per definition, it is called a second factor as it is used as an additional authentication after a password. In the UI we generalize this as multi-factor.

Request

Header Parameters

x-zitadel-orgid string

The default is always the organization of the requesting user. If you like to get/set a result of another organization include the header. Make sure the user has permission to access the requested data.

application/json

Body

required

type - SECOND_FACTOR_TYPE_OTP: SECOND_FACTOR_TYPE_OTP is the type for TOTP (string)

Possible values: [SECOND_FACTOR_TYPE_UNSPECIFIED, SECOND_FACTOR_TYPE_OTP, SECOND_FACTOR_TYPE_U2F, SECOND_FACTOR_TYPE_OTP_EMAIL, SECOND_FACTOR_TYPE_OTP_SMS]

Default value: SECOND_FACTOR_TYPE_UNSPECIFIED

application/grpc

Body

required

type - SECOND_FACTOR_TYPE_OTP: SECOND_FACTOR_TYPE_OTP is the type for TOTP (string)

Possible values: [SECOND_FACTOR_TYPE_UNSPECIFIED, SECOND_FACTOR_TYPE_OTP, SECOND_FACTOR_TYPE_U2F, SECOND_FACTOR_TYPE_OTP_EMAIL, SECOND_FACTOR_TYPE_OTP_SMS]

Default value: SECOND_FACTOR_TYPE_UNSPECIFIED

application/grpc-web+proto

Body

required

type - SECOND_FACTOR_TYPE_OTP: SECOND_FACTOR_TYPE_OTP is the type for TOTP (string)

Possible values: [SECOND_FACTOR_TYPE_UNSPECIFIED, SECOND_FACTOR_TYPE_OTP, SECOND_FACTOR_TYPE_U2F, SECOND_FACTOR_TYPE_OTP_EMAIL, SECOND_FACTOR_TYPE_OTP_SMS]

Default value: SECOND_FACTOR_TYPE_UNSPECIFIED

Responses

200

A successful response.

application/json

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

Example (from schema)

{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-25T17:01:19.302Z",
    "changeDate": "2025-03-25T17:01:19.302Z",
    "resourceOwner": "69629023906488334"
  }
}

application/grpc

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

Example (from schema)

{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-25T17:01:19.302Z",
    "changeDate": "2025-03-25T17:01:19.302Z",
    "resourceOwner": "69629023906488334"
  }
}

application/grpc-web+proto

Schema

Schema

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

Example (from schema)

{
  "details": {
    "sequence": "2",
    "creationDate": "2025-03-25T17:01:19.303Z",
    "changeDate": "2025-03-25T17:01:19.303Z",
    "resourceOwner": "69629023906488334"
  }
}

default

An unexpected error response.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

• curl
• python
• go
• nodejs
• ruby
• csharp
• php
• java
• powershell

• CURL

curl -L 'https://$CUSTOM-DOMAIN/management/v1/policies/login/second_factors' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
-d '{
  "type": "SECOND_FACTOR_TYPE_OTP"
}'

Request Collapse all

Base URL

https://$CUSTOM-DOMAIN/management/v1

Auth

Bearer Token

Parameters

x-zitadel-orgid — header

Body required

Content-Type

application/jsonapplication/grpcapplication/grpc-web+proto

{
  "type": "SECOND_FACTOR_TYPE_OTP"
}

ResponseClear

Click the Send API Request button above and see the response here!