The POST /{{envID}}/deviceAuthentications operation initiates an MFA device authentication flow. The request body requires a user.id attribute to associate a user with the MFA flow.

The response returns a device authentication ID that is required for the next steps in the flow. The response also includes a status property to specify the next flow step. Common status options are OTP_REQUIRED (validate a one-time passcode), PUSH_CONFIRMATION_REQUIRED (prompt to confirm the authentication), and DEVICE_SELECTION_REQUIRED (select a supported device type for MFA actions).