AnnaL.02597 (Customer) asked a question.
Hi all.
I am trying to change Security Question (Multi-Factor Authentication) via API. I didn't found any endpoint for updating security factor. When I try to enroll security question factor via endpoint https://developer.okta.com/docs/reference/api/factors/*enroll-okta-security-question-factor, I got next error
{
"errorCode": "E0000001",
"errorSummary": "Api validation failed: factorEnrollRequest",
"errorLink": "E0000001",
"errorId": "oaepTdoiJ7fSEOsrgZwiJ_SHA",
"errorCauses": [
{
"errorSummary": "A factor of this type is already set up."
}
]
}
In the forum and okta docs I found, that for update factor I need to reset old one, and then enroll new one. But in case if enrollment of new factor was not successful, I would like to leave old security question.
The ideal flow for me is:
- Reset old security question
- Check that new security question and answer is ok
- If ok -> enroll new security question and answer
- If not ok -> leave old security question
But I didn't find any endpoint for second step. Is it possible?
Thank you in advance!
To change the Security Question (Multi-Factor Authentication) via API using Postman:
Obtain the ${userId} using the login
GET/api/v1/users/isaac.brock@example.com
Set recovery credential (configure recovery question)
Users > Credential Operations
PUT {{url}}/api/v1/users/{{userId}}
Replace {{userId}} with the userId obtained
Modify the Body with the new question and answer.
https://support.okta.com/help/s/article/How-to-reset-configure-a-user-s-security-question-via-Postman-API?language=en_US
https://developer.okta.com/docs/reference/api/users/#get-user-with-login
If you would like to know if the recovery question and answer is acceptable, each time they are changed, as far as I know, you cannot check this. Here's where you can submit this as a feature request: https://support.okta.com/help/oktaideas