Skip to content

Disable 2FA

POST
/api/2fa/disable

Verifies a current TOTP or recovery code, then disables 2FA. Forbidden while an organization enforces 2FA.

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Request Body

application/json
JSON
{
  
"code": "123456"
}

Responses

Success

application/json
JSON
{
  
"message": "Two-factor authentication disabled."
}

Playground

Authorization
Body

Samples

Powered by VitePress OpenAPI