LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-07 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
870b5b29b0e8ee828578a4e8e730a37167a9db4f
developer.sailpoint.com/docs/tools/sdk/powershell/Reference/V2024/Methods/V2024MFAConfigurationApi.md
darrell-thobe-sp 2627599191 updated docs with tag descreptions
2025-01-29 07:04:59 -05:00

15 KiB
Raw Blame History

id, title, pagination_label, sidebar_label, sidebar_class_name, keywords, slug, tags
id title pagination_label sidebar_label sidebar_class_name keywords slug tags
v2024-mfa-configuration MFAConfiguration MFAConfiguration MFAConfiguration powershellsdk
powershell
PowerShell
sdk
MFAConfiguration
V2024MFAConfiguration
/tools/sdk/powershell/v2024/methods/mfa-configuration
SDK
Software Development Kit
MFAConfiguration
V2024MFAConfiguration

MFAConfiguration

Configure and test multifactor authentication (MFA) methods

All URIs are relative to https://sailpoint.api.identitynow.com/v2024

Method HTTP request Description
Get-V2024MFADuoConfig GET /mfa/duo-web/config Configuration of Duo MFA method
Get-V2024MFAKbaConfig GET /mfa/kba/config Configuration of KBA MFA method
Get-V2024MFAOktaConfig GET /mfa/okta-verify/config Configuration of Okta MFA method
Set-V2024MFADuoConfig PUT /mfa/duo-web/config Set Duo MFA configuration
Set-V2024MFAKBAConfig POST /mfa/kba/config/answers Set MFA KBA configuration
Set-V2024MFAOktaConfig PUT /mfa/okta-verify/config Set Okta MFA configuration
Test-V2024MFAConfig GET /mfa/{method}/test MFA method's test configuration

get-mfa-duo-config

This API returns the configuration of an Duo MFA method.

Parameters

Param Type Name Data Type Required Description

Return type

MfaDuoConfig

Responses

Code Description Data Type
200 The configuration of an Duo MFA method. MfaDuoConfig
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

# Configuration of Duo MFA method
try {
    Get-V2024MFADuoConfig
    
    # Below is a request that includes all optional parameters
    # Get-V2024MFADuoConfig  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024MFADuoConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-mfa-kba-config

This API returns the KBA configuration for MFA.

Parameters

Param Type Name Data Type Required Description
Query AllLanguages Boolean (optional) Indicator whether the question text should be returned in all configured languages * If true, the question text is returned in all languages that it is configured in. * If false, the question text is returned in the user locale if available, else for the default locale. * If not passed, it behaves the same way as passing this parameter as false

Return type

KbaQuestion[]

Responses

Code Description Data Type
200 The configuration for KBA MFA method. KbaQuestion[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$AllLanguages = $false # Boolean | Indicator whether the question text should be returned in all configured languages    * If true, the question text is returned in all languages that it is configured in.    * If false, the question text is returned in the user locale if available, else for the default locale.     * If not passed, it behaves the same way as passing this parameter as false (optional)
# Configuration of KBA MFA method
try {
    Get-V2024MFAKbaConfig
    
    # Below is a request that includes all optional parameters
    # Get-V2024MFAKbaConfig -V2024AllLanguages $AllLanguages  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024MFAKbaConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

get-mfa-okta-config

This API returns the configuration of an Okta MFA method.

Parameters

Param Type Name Data Type Required Description

Return type

MfaOktaConfig

Responses

Code Description Data Type
200 The configuration of an Okta MFA method. MfaOktaConfig
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

# Configuration of Okta MFA method
try {
    Get-V2024MFAOktaConfig
    
    # Below is a request that includes all optional parameters
    # Get-V2024MFAOktaConfig  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Get-V2024MFAOktaConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

set-mfa-duo-config

This API sets the configuration of an Duo MFA method.

Parameters

Param Type Name Data Type Required Description
Body MfaDuoConfig MfaDuoConfig True

Return type

MfaDuoConfig

Responses

Code Description Data Type
200 MFA configuration of an Duo MFA method. MfaDuoConfig
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$MfaDuoConfig = @"{
  "accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
  "host" : "example.com",
  "configProperties" : {
    "skey" : "qwERttyZx1CdlQye2Vwtbsjr3HKddy4BAiCXjc5x",
    "ikey" : "Q123WE45R6TY7890ZXCV"
  },
  "mfaMethod" : "duo-web",
  "enabled" : true,
  "identityAttribute" : "email"
}"@
# Set Duo MFA configuration
try {
    $Result = ConvertFrom-JsonToMfaDuoConfig -Json $MfaDuoConfig
    Set-V2024MFADuoConfig-V2024MfaDuoConfig $Result
    
    # Below is a request that includes all optional parameters
    # Set-V2024MFADuoConfig -V2024MfaDuoConfig $MfaDuoConfig  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2024MFADuoConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

set-mfakba-config

This API sets answers to challenge questions. Any configured questions omitted from the request are removed from user KBA configuration.

Parameters

Param Type Name Data Type Required Description
Body KbaAnswerRequestItem []KbaAnswerRequestItem True

Return type

KbaAnswerResponseItem[]

Responses

Code Description Data Type
200 The new KBA configuration for the user. KbaAnswerResponseItem[]
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

 # KbaAnswerRequestItem[] | 
 $KbaAnswerRequestItem = @"{
  "answer" : "Your answer",
  "id" : "c54fee53-2d63-4fc5-9259-3e93b9994135"
}"@ 

# Set MFA KBA configuration
try {
    $Result = ConvertFrom-JsonToKbaAnswerRequestItem -Json $KbaAnswerRequestItem
    Set-V2024MFAKBAConfig-V2024KbaAnswerRequestItem $Result
    
    # Below is a request that includes all optional parameters
    # Set-V2024MFAKBAConfig -V2024KbaAnswerRequestItem $KbaAnswerRequestItem  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2024MFAKBAConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

set-mfa-okta-config

This API sets the configuration of an Okta MFA method.

Parameters

Param Type Name Data Type Required Description
Body MfaOktaConfig MfaOktaConfig True

Return type

MfaOktaConfig

Responses

Code Description Data Type
200 MFA configuration of an Okta MFA method. MfaOktaConfig
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

Example

$MfaOktaConfig = @"{
  "accessKey" : "qw123Y3QlA5UqocYpdU3rEkzrK2D497y",
  "host" : "example.com",
  "mfaMethod" : "okta-verify",
  "enabled" : true,
  "identityAttribute" : "email"
}"@
# Set Okta MFA configuration
try {
    $Result = ConvertFrom-JsonToMfaOktaConfig -Json $MfaOktaConfig
    Set-V2024MFAOktaConfig-V2024MfaOktaConfig $Result
    
    # Below is a request that includes all optional parameters
    # Set-V2024MFAOktaConfig -V2024MfaOktaConfig $MfaOktaConfig  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Set-V2024MFAOktaConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]

test-mfa-config

This API validates that the configuration is valid and will properly authenticate with the MFA provider identified by the method path parameter.

Parameters

Param Type Name Data Type Required Description
Path Method String True The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.

Return type

MfaConfigTestResponse

Responses

Code Description Data Type
200 The result of configuration test for the MFA provider. MfaConfigTestResponse
400 Client Error - Returned if the request body is invalid. ErrorResponseDto
401 Unauthorized - Returned if there is no authorization header, or if the JWT token is expired. ListAccessProfiles401Response
403 Forbidden - Returned if the user you are running as, doesn't have access to this end-point. ErrorResponseDto
429 Too Many Requests - Returned in response to too many requests in a given period of time - rate limited. The Retry-After header in the response includes how long to wait before trying again. ListAccessProfiles429Response
500 Internal Server Error - Returned if there is an unexpected error. ErrorResponseDto

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

Example

$Method = "okta-verify" # String | The name of the MFA method. The currently supported method names are 'okta-verify' and 'duo-web'.
# MFA method's test configuration
try {
    Test-V2024MFAConfig-V2024Method $Method 
    
    # Below is a request that includes all optional parameters
    # Test-V2024MFAConfig -V2024Method $Method  
} catch {
    Write-Host $_.Exception.Response.StatusCode.value__ "Exception occurred when calling Test-V2024MFAConfig"
    Write-Host $_.ErrorDetails
}

[Back to top]