Regenerate recovery codes
POST
/api/2fa/recovery-codes
Verifies a current TOTP or recovery code, then replaces the recovery-code set and returns the new codes (shown once).
Authorizations
ApiToken
Long-lived API token created via POST /api/api-tokens (returned once in plaintext).
Type
API Key (header: X-API-TOKEN)
or
JWT
JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer
Type
HTTP (bearer)
Request Body
application/json
JSON "code": "123456"
{
}
Responses
Recovery codes (shown once)
application/json
JSON "recoveryCodes": [ [ "abcde-12345", "f6g7h-89012" ] ]
{
}
