The PingOne MFA services provide capabilities for enabling MFA actions in authentication flows, configuring MFA settings and policies, and specifying MFA devices.
For MFA authentication:
For MFA policies and settings:
The MFA settings endpoint supports operations to read, update, and reset the PingOne MFA settings associated with a specified environment. See MFA Settings.
The Device authentication policies (identified in the PingOne UI as “MFA Policies”) enable you to configure different settings per MFA authentication method, according to your security policies. See Device Authentication Policies.
For MFA device management:
The enable user settings (MFA) control whether a user can authenticate using MFA actions. This endpoint enables or disables MFA capability. see Enable Users MFA.
The MFA devices service defines the MFA method or methods associated with a user, such as email, SMS, voice, or other MFA device types for use in an MFA flow. See MFA Devices.
To enable multi-factor authentication (MFA) via push notification on a native device, the user resource must have a native device and an application associated with its user ID. The association is implemented with a pairing key. See MFA Pairing Keys.