MfaApi

API client for managing multi-factor authentication (TOTP and Email).

Constructor

import { HttpService, MfaApi } from 'authsafe-ts';

const user = await oauthService.getUser();
const httpService = new HttpService(user?.access_token);
const mfaApi = new MfaApi(httpService);

Methods

List MFA Methods

Get all configured MFA methods for the authenticated user.

await mfaApi.listMethods(): Promise<MfaMethod[]>

Returns:

interface MfaMethod {
  id: string;
  type: 'totp' | 'email';
  is_primary: boolean;
  created_at: string;
  last_used_at?: string;
}

Example:

const methods = await mfaApi.listMethods();
console.log('Configured MFA:', methods);

Setup TOTP

Generate a new TOTP secret and QR code for authenticator app setup.

await mfaApi.setupTotp(): Promise<{ secret: string; qr_code: string }>

Returns:

{
  secret: "BASE32_SECRET",
  qr_code: "data:image/png;base64,..." // QR code as data URL
}

Example:

const { secret, qr_code } = await mfaApi.setupTotp();

// Display QR code to user
document.getElementById('qr-code').src = qr_code;

// Show secret for manual entry
console.log('Manual entry:', secret);

Verify TOTP

Confirm TOTP setup by verifying a code from authenticator app.

await mfaApi.verifyTotp(code: string): Promise<{ success: boolean }>

Example:

const userCode = '123456'; // From authenticator app
const result = await mfaApi.verifyTotp(userCode);

if (result.success) {
  console.log('TOTP enabled successfully');
}

Setup Email MFA

Enable email-based MFA and send verification code.

await mfaApi.setupEmail(email: string): Promise<{ message: string }>

Example:

await mfaApi.setupEmail('user@example.com');
console.log('Verification code sent to email');

Verify Email MFA

Confirm email MFA setup with verification code.

await mfaApi.verifyEmail(code: string): Promise<{ success: boolean }>

Example:

const emailCode = '654321'; // From user's email
const result = await mfaApi.verifyEmail(emailCode);

if (result.success) {
  console.log('Email MFA enabled');
}

Remove MFA Method

Delete a configured MFA method.

await mfaApi.removeMethod(methodId: string): Promise<{ success: boolean }>

Example:

const methods = await mfaApi.listMethods();
const totpMethod = methods.find((m) => m.type === 'totp');

if (totpMethod) {
  await mfaApi.removeMethod(totpMethod.id);
  console.log('TOTP removed');
}

Complete Example

Setup MFA Flow

import { OAuthService, HttpService, MfaApi } from 'authsafe-ts';

// Initialize services
const oauthService = new OAuthService({ clientId, redirectUri });
const user = await oauthService.getUser();
const httpService = new HttpService(user?.access_token);
const mfaApi = new MfaApi(httpService);

// Check existing MFA methods
const methods = await mfaApi.listMethods();

if (methods.length === 0) {
  // No MFA configured - setup TOTP
  const { qr_code, secret } = await mfaApi.setupTotp();

  // Display QR code to user
  showQRCode(qr_code);

  // User scans and enters code
  const code = await promptUserForCode();
  const result = await mfaApi.verifyTotp(code);

  if (result.success) {
    console.log('TOTP enabled successfully!');
  }
} else {
  console.log('MFA already configured:', methods);
}

Remove MFA

const methods = await mfaApi.listMethods();

for (const method of methods) {
  console.log(`Removing ${method.type} MFA...`);
  await mfaApi.removeMethod(method.id);
}

console.log('All MFA methods removed');

UserApi - User profile management
HttpService - HTTP client
Type Definitions - MFA types

MfaApi

Constructor

Methods

List MFA Methods

Setup TOTP

Verify TOTP

Setup Email MFA

Verify Email MFA

Remove MFA Method

Complete Example

Setup MFA Flow

Remove MFA

Related

MfaApi

Constructor

Methods

List MFA Methods

Setup TOTP

Verify TOTP

Setup Email MFA

Verify Email MFA

Remove MFA Method

Complete Example

Setup MFA Flow

Remove MFA

Related