Enabling and Disabling MFA using REST API

In this article

    You can enable or disable MFA using Veeam Service Provider Console REST API. For details on REST API in Veeam Service Provider Console, see REST API Reference.

    To access Veeam Service Provider Console REST API, you can use any client application. This guide covers procedures performed in Swagger UI, a built-in tool for evaluation and testing.

    Before You Begin

    To configure MFA for a user, you must install an authenticator application or any other TOTP code generator.

    Enabling MFA

    To enable MFA for a user account using Swagger UI:

    1. In the internet browser address bar, enter the Veeam Service Provider Console REST API URL in the following format: https://<hostname>:<port>/api.
    2. On the landing page, click SwaggerUI.
    3. Authorize as described in section Getting Authorization Tokens of the REST API Reference.
    4. Under the Accounts collection, expand the GET /users resource and click Try it out.
    5. In the filter parameter field, type the following: [{"property":"userName","operator":"equal","value":"<User name>"}], where <User name> is the name of a user for whom you want to enable MFA.
    6. Click Execute.

    The server will return a response which you can find in the Response body section. The response contains resource representation of a user.

    1. Under the Accounts collection, expand the PATCH /users/{userUid} resource and click Try it out.
    2. In the Parameters section, specify the following parameters:
    • userUid — user UID that you received at step 6.
    • body — the following JSON Patch operation:

    [

     {

       "op": "replace",

       "path": "mfaPolicyStatus",

       "value": "enabled",

     }

    ]

    1. Click Execute.

    If the request is processed successfully, the server will return a response with the 200 OK response code.

    On the next authorization session, the user must configure MFA by going through the Multi-Factor Authentication step of the Edit User wizard as described in the Modify Own User Profile section.

    Disabling MFA

    To disable MFA for a user account using Swagger UI:

    1. In the internet browser address bar, enter the Veeam Service Provider Console REST API URL in the following format: https://<hostname>:<port>/api.
    2. On the landing page, click SwaggerUI.
    3. Authorize as described in section Getting Authorization Tokens of the REST API Reference.
    4. Under the Accounts collection, expand the GET /users resource and click Try it out.
    5. In the filter parameter field, type the following: [{"property":"userName","operator":"equal","value":"<User name>"}], where <User name> is the name of a user for whom you want to enable MFA.
    6. Click Execute.

    The server will return a response which you can find in the Response body section. The response contains resource representation of a user.

    1. Under the Accounts collection, expand the PATCH /users/{userUid} resource and click Try it out.
    2. In the Parameters section, specify the following parameters:
    • userUid — user UID that you received at step 6.
    • body — the following JSON Patch operation:

    [

     {

       "op": "replace",

       "path": "mfaPolicyStatus",

       "value": "disabled",

     }

    ]

    1. Click Execute.

    If the request is processed successfully, the server will return a response with the 200 OK response code.