The sample shows the POST /environments/{environmentId}/users/{userId}/devices operation to add a Time-based One-time Password (TOTP) authenticator application device type to the specified user resource.

Note: An actor making a self request must have an access token that includes the p1:create:device scope.