Skip to main content

sailpoint.beta.MFAConfigurationApi

Configure and test multifactor authentication (MFA) methods All URIs are relative to https://sailpoint.api.identitynow.com/beta

MethodHTTP requestDescription
delete-mfa-configDELETE /mfa/{method}/deleteDelete MFA method configuration
get-mfa-duo-configGET /mfa/duo-web/configConfiguration of Duo MFA method
get-mfa-kba-configGET /mfa/kba/configConfiguration of KBA MFA method
get-mfa-okta-configGET /mfa/okta-verify/configConfiguration of Okta MFA method
set-mfa-duo-configPUT /mfa/duo-web/configSet Duo MFA configuration
set-mfa-okta-configPUT /mfa/okta-verify/configSet Okta MFA configuration
set-mfakba-configPOST /mfa/kba/config/answersSet MFA KBA configuration
test-mfa-configGET /mfa/{method}/testMFA method's test configuration

delete-mfa-config

Delete MFA method configuration This API removes the configuration for the specified MFA method.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathmethodstrTrueThe name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.

Return type

MfaOktaConfig

Responses

CodeDescriptionData TypeResponse headers
200MFA configuration of an MFA method.MfaOktaConfig-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.mfa_okta_config import MfaOktaConfig
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
method = 'okta-verify' # str | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'. # str | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.

try:
# Delete MFA method configuration

results = MFAConfigurationApi(api_client).delete_mfa_config(method=method)
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).delete_mfa_config(method)
print("The response of MFAConfigurationApi->delete_mfa_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->delete_mfa_config: %s\n" % e)

[Back to top]

get-mfa-duo-config

Configuration of Duo MFA method This API returns the configuration of an Duo MFA method.

API Spec

Parameters

This endpoint does not need any parameter.

Return type

MfaDuoConfig

Responses

CodeDescriptionData TypeResponse headers
200The configuration of an Duo MFA method.MfaDuoConfig-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.mfa_duo_config import MfaDuoConfig
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:

try:
# Configuration of Duo MFA method

results = MFAConfigurationApi(api_client).get_mfa_duo_config()
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).get_mfa_duo_config()
print("The response of MFAConfigurationApi->get_mfa_duo_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->get_mfa_duo_config: %s\n" % e)

[Back to top]

get-mfa-kba-config

Configuration of KBA MFA method This API returns the KBA configuration for MFA.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Queryall_languagesbool(optional)Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false

Return type

List[KbaQuestion]

Responses

CodeDescriptionData TypeResponse headers
200The configuration for KBA MFA method.List[KbaQuestion]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.kba_question import KbaQuestion
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
all_languages = allLanguages=true # bool | Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false (optional) # bool | Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false (optional)

try:
# Configuration of KBA MFA method

results = MFAConfigurationApi(api_client).get_mfa_kba_config()
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).get_mfa_kba_config(all_languages)
print("The response of MFAConfigurationApi->get_mfa_kba_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->get_mfa_kba_config: %s\n" % e)

[Back to top]

get-mfa-okta-config

Configuration of Okta MFA method This API returns the configuration of an Okta MFA method.

API Spec

Parameters

This endpoint does not need any parameter.

Return type

MfaOktaConfig

Responses

CodeDescriptionData TypeResponse headers
200The configuration of an Okta MFA method.MfaOktaConfig-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.mfa_okta_config import MfaOktaConfig
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:

try:
# Configuration of Okta MFA method

results = MFAConfigurationApi(api_client).get_mfa_okta_config()
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).get_mfa_okta_config()
print("The response of MFAConfigurationApi->get_mfa_okta_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->get_mfa_okta_config: %s\n" % e)

[Back to top]

set-mfa-duo-config

Set Duo MFA configuration This API sets the configuration of an Duo MFA method.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Bodymfa_duo_configMfaDuoConfigTrue

Return type

MfaDuoConfig

Responses

CodeDescriptionData TypeResponse headers
200MFA configuration of an Duo MFA method.MfaDuoConfig-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.mfa_duo_config import MfaDuoConfig
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
mfa_duo_config = '''{
"accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
"host" : "example.com",
"configProperties" : {
"skey" : "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x",
"ikey" : "Q123WE45R6TY7890ZXCV"
},
"mfaMethod" : "duo-web",
"enabled" : true,
"identityAttribute" : "email"
}''' # MfaDuoConfig |

try:
# Set Duo MFA configuration
new_mfa_duo_config = MfaDuoConfig.from_json(mfa_duo_config)
results = MFAConfigurationApi(api_client).set_mfa_duo_config(mfa_duo_config=new_mfa_duo_config)
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).set_mfa_duo_config(new_mfa_duo_config)
print("The response of MFAConfigurationApi->set_mfa_duo_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->set_mfa_duo_config: %s\n" % e)

[Back to top]

set-mfa-okta-config

Set Okta MFA configuration This API sets the configuration of an Okta MFA method.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Bodymfa_okta_configMfaOktaConfigTrue

Return type

MfaOktaConfig

Responses

CodeDescriptionData TypeResponse headers
200MFA configuration of an Okta MFA method.MfaOktaConfig-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.mfa_okta_config import MfaOktaConfig
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
mfa_okta_config = '''{
"accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
"host" : "example.com",
"mfaMethod" : "okta-verify",
"enabled" : true,
"identityAttribute" : "email"
}''' # MfaOktaConfig |

try:
# Set Okta MFA configuration
new_mfa_okta_config = MfaOktaConfig.from_json(mfa_okta_config)
results = MFAConfigurationApi(api_client).set_mfa_okta_config(mfa_okta_config=new_mfa_okta_config)
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).set_mfa_okta_config(new_mfa_okta_config)
print("The response of MFAConfigurationApi->set_mfa_okta_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->set_mfa_okta_config: %s\n" % e)

[Back to top]

set-mfakba-config

Set MFA KBA configuration This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
Bodykba_answer_request_item[]KbaAnswerRequestItemTrue

Return type

List[KbaAnswerResponseItem]

Responses

CodeDescriptionData TypeResponse headers
200The new KBA configuration for the user.List[KbaAnswerResponseItem]-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.kba_answer_request_item import KbaAnswerRequestItem
from sailpoint.beta.models.kba_answer_response_item import KbaAnswerResponseItem
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
kba_answer_request_item = '''[{id=173423, answer=822cd15d6c15aa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a0859a2fea34}, {id=c54fee53-2d63-4fc5-9259-3e93b9994135, answer=9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08}]''' # List[KbaAnswerRequestItem] |

try:
# Set MFA KBA configuration
new_kba_answer_request_item = KbaAnswerRequestItem.from_json(kba_answer_request_item)
results = MFAConfigurationApi(api_client).set_mfakba_config(kba_answer_request_item=new_kba_answer_request_item)
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).set_mfakba_config(new_kba_answer_request_item)
print("The response of MFAConfigurationApi->set_mfakba_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->set_mfakba_config: %s\n" % e)

[Back to top]

test-mfa-config

MFA method's test configuration This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter.

API Spec

Parameters

Param TypeNameData TypeRequiredDescription
PathmethodstrTrueThe name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.

Return type

MfaConfigTestResponse

Responses

CodeDescriptionData TypeResponse headers
200The result of configuration test for the MFA provider.MfaConfigTestResponse-
400Client Error - Returned if the request body is invalid.ErrorResponseDto-
401Unauthorized - Returned if there is no authorization header, or if the JWT token is expired.ListAccessModelMetadataAttribute401Response-
403Forbidden - Returned if the user you are running as, doesn't have access to this end-point.ErrorResponseDto-
429Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again.ListAccessModelMetadataAttribute429Response-
500Internal Server Error - Returned if there is an unexpected error.ErrorResponseDto-

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

from sailpoint.beta.api.mfa_configuration_api import MFAConfigurationApi
from sailpoint.beta.api_client import ApiClient
from sailpoint.beta.models.mfa_config_test_response import MfaConfigTestResponse
from sailpoint.configuration import Configuration
configuration = Configuration()


with ApiClient(configuration) as api_client:
method = 'okta-verify' # str | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'. # str | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.

try:
# MFA method's test configuration

results = MFAConfigurationApi(api_client).test_mfa_config(method=method)
# Below is a request that includes all optional parameters
# results = MFAConfigurationApi(api_client).test_mfa_config(method)
print("The response of MFAConfigurationApi->test_mfa_config:\n")
print(results.model_dump_json(by_alias=True, indent=4))
except Exception as e:
print("Exception when calling MFAConfigurationApi->test_mfa_config: %s\n" % e)

[Back to top]