Post
/api/v1/twoFactorChallenges.sendEmailCode
Sends a two-factor authentication code by email for an in-progress login challenge. Use this endpoint after a login attempt returns a challengeId for the email two-factor method, to deliver a fresh code to the user.
The endpoint does not require an authenticated session. It is rate-limited to 5 requests per minute per caller. The challenge must exist, must not be expired, and must use the email method.
Changelog
| Version | Description |
|---|---|
| 8.5.0 | Added |
Body parameters
Example 1
{
"challengeId": "8f4c2d1e9a7b6c5d3e2f1a0b"
}object
challengeId
string Required
The ID of the pending two-factor challenge returned by the login flow.
Example8f4c2d1e9a7b6c5d3e2f1a0b
Responses
200
OK
Success
{
"success": true
}object
success
boolean
400
Bad Request
Missing challengeId
{
"success": false,
"error": "challengeId is required",
"errorType": "error-parameter-required"
}Challenge not found
{
"success": false,
"error": "challenge not found",
"errorType": "error-challenge-not-found"
}Challenge expired
{
"success": false,
"error": "challenge expired",
"errorType": "error-challenge-expired"
}Invalid challenge method
{
"success": false,
"error": "invalid challenge method",
"errorType": "error-invalid-challenge-method"
}User not found
{
"success": false,
"error": "user not found",
"errorType": "error-user-not-found"
}object
success
boolean
error
string
errorType
string