Verifies the MFA challenge and performs sign-in
HTTP request
POST https://identitytoolkit.googleapis.com/v2/accounts/mfaSignIn:finalize
The URL uses gRPC Transcoding syntax.
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "mfaPendingCredential": string, "tenantId": string, "mfaEnrollmentId": string, // Union field |
Fields | |
---|---|
mfa |
Required. Pending credential from first factor sign-in. |
tenant |
The ID of the Identity Platform tenant the user is signing in to. If not set, the user will sign in to the default Identity Platform project. |
mfa |
The MFA enrollment ID from the user's list of current MFA enrollments. |
Union field verification_info . Proof of completion of the MFA challenge. verification_info can be only one of the following: |
|
phone |
Proof of completion of the SMS based MFA challenge. |
totp |
Proof of completion of the TOTP based MFA challenge. |
Response body
mfaSignIn.finalize response.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "idToken": string, "refreshToken": string, // Union field |
Fields | |
---|---|
id |
ID token for the authenticated user. |
refresh |
Refresh token for the authenticated user. |
Union field auxiliary_auth_info . MFA verified sign-in information. auxiliary_auth_info can be only one of the following: |
|
phone |
Extra phone auth info, including android verification proof. |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
MfaTotpSignInRequestInfo
TOTP verification info for FinalizeMfaSignInRequest.
JSON representation |
---|
{ "verificationCode": string } |
Fields | |
---|---|
verification |
User-entered verification code. |