Generate MFA token

Generates MFA token for devices.

This API generates the MFA token using the device ID, customer identifier type, value, and the token generated from OTP validation in the primary flow. See Validate OTP in First factor flow.

API endpoint example



  • Your organisation has enabled MFA.
  • Validation of OTP from the primary or First factor flow.

Resource information

Pagination supported?NA
Rate limitNA
Batch supportNA

Request body parameters

(Parameters marked with * are mandatory)
Data TypeDescription
identifierType*EnumIdentifier used for MFA token generation. Values: MOBILE, EMAIL, USERNAME, EXTERNALID
identifierValue*StringValue of the identifier.
deviceId*StringUnique ID of the device from which the customer generates the token.
brand*StringName of the brand or organisation that needs verification.
authorizedToken*StringAuthentication token from /otp/validate\ of First factor.
curl --location '' \
--header 'Content-Type: application/json' \
--header 'Cookie: _cfuvid=TQelvcvKiKe5DWhd.tGG6g.Hq0IJI4FnRacxB4UYCyI-1716799831120-' \
--data '{
    "deviceId": "1234",
    "brand": "Bukl",

Response parameters

ParameterData TypeDescription
statusobjectObject containing status information.
- successbooleanBoolean indicating the status of the request.
- codeintegerHTTP status code indicating the result. Example: 200 indicates success.
- messagestringMessage describing the status of the request.
authobjectObject containing authentication details.
- tokenstringString representing the authentication token. By default, the token is valid for 15 minutes.
- keystringString representing the authentication key.
userobjectObject containing user details.
- appRegisteredbooleanIndicates if the user is registered in the app.
- sessionIdstringCurrent session ID for MFA flow. The session ID is valid for 15 minutes by default.
- rolestringIndicates the user's role. Example: VIEW, USER.
- userRegisteredForPasswordbooleanIndicates if the user is registered for a password.

    "status": {
        "success": true,
        "code": 200,
        "message": "SUCCESS"
    "auth": {
        "token": "eyJpZHYiOlsiTU9CSUxFfDE4Nzk1Nzc0NzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJpc3MiOiJDQVBJTExBUlkgVEVDSE5PTE9HSUVTIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTY4OTA4MjIsImlhdCI6MTcxNjg4OTkyMiwicm9sIjoiVklFVyJ9.nL6iCjXIrfEb02uDnnJTyj0uPi8teQjAgnQPVU0_aqQ",
        "key": null
    "user": {
        "appRegistered": false,
        "sessionId": "P-a2996f83-a72d-405c-aa23-0eed7a7dba1e",
        "role": "VIEW",
        "userRegisteredForPassword": false
Click Try It! to start a request and see the response here!