Method: accounts.mfaSignIn.finalize

Verifies the MFA challenge and performs sign-in

HTTP request

POST https://identitytoolkit.googleapis.com/v2/accounts/mfaSignIn:finalize

The URL uses gRPC Transcoding syntax.

Request body

The request body contains data with the following structure:

JSON representation
{
  "mfaPendingCredential": string,
  "tenantId": string,
  "phoneVerificationInfo": {
    object (FinalizeMfaPhoneRequestInfo)
  }
}
Fields
mfaPendingCredential

string

Required. Pending credential from first factor sign-in.

tenantId

string

The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project.

phoneVerificationInfo

object (FinalizeMfaPhoneRequestInfo)

Proof of completion of the SMS based MFA challenge.

Response body

If successful, the response body contains data with the following structure:

mfaSignIn.finalize response.

JSON representation
{
  "idToken": string,
  "refreshToken": string,
  "phoneAuthInfo": {
    object (FinalizeMfaPhoneResponseInfo)
  }
}
Fields
idToken

string

ID token for the authenticated user.

refreshToken

string

Refresh token for the authenticated user.

phoneAuthInfo

object (FinalizeMfaPhoneResponseInfo)

Extra phone auth info, including android verification proof.

Authorization Scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/identitytoolkit
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.