Send Login MFA Code

POST/web/v1/users/self/auth/login/mfa/sendNone

Sends a multi-factor authentication code to the user during the login flow. The code is sent via the specified MFA method (e.g., email).

Authentication

Auth Chain: WEB Chain — no JWT required (pre-authentication endpoint) These headers are injected by the system (frontend does nothing): X-PORTAL-ACCESS-CODE (Nginx), X-Request-Id (Gateway)

Request Parameters

Name	Type	Required	In	Description
`request`	`Object`	Yes	body	LoginMfaSendRequest object (see request body schema)

Success Response

Success200

{
  "version": "1.3.0",
  "timestamp": 1709337600000,
  "success": true,
  "code": "2000",
  "message": "SUCCESS",
  "data": {
    "sent": true,
    "method": "EMAIL",
    "maskedTarget": "r***@example.com"
  }
}

Error Responses

Unauthorized401

{
  "success": false,
  "code": "4010",
  "message": "Invalid or expired token"
}

Notes

Rate limited to 5 requests per 60-second window.
The sessionId must come from a prior initiateLogin call.
The method field specifies which MFA channel to use (e.g., EMAIL, OTP).

Send Login MFA Code ​

Authentication ​

Request Parameters ​

Success Response ​

Error Responses ​

Notes ​

Authentication

Request Parameters

Success Response

Error Responses

Notes