> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt
> Use this file to discover all available pages before exploring further.

# Initiate MFA Challenge

> Use this endpoint to request a new MFA verification code sent via email or SMS. This is useful when the user needs a fresh code or wants to switch to a different MFA method.

Requires a valid `mfaToken` obtained from the access token endpoint.




## OpenAPI

````yaml /en/openapi/v3-current/AM-auth.yaml post /v1/login/mfa/challenge
openapi: 3.1.0
info:
  title: Auth Plugin
  description: ''
  version: 2.6.4
servers:
  - url: https://auth.sandbox.lerian.net
security: []
tags:
  - name: Authentication API
  - name: MFA API
  - name: User Information API
  - name: Authorization API
paths:
  /v1/login/mfa/challenge:
    post:
      tags:
        - MFA API
      summary: Initiate MFA Challenge
      description: >
        Use this endpoint to request a new MFA verification code sent via email
        or SMS. This is useful when the user needs a fresh code or wants to
        switch to a different MFA method.


        Requires a valid `mfaToken` obtained from the access token endpoint.
      parameters: []
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/MFAChallengeInput'
            example:
              mfaToken: eyJhbGciOiJIUzI1NiJ9...
              mfaType: email
      responses:
        '200':
          description: >-
            The MFA challenge was initiated. A verification code has been sent
            through the requested method.
          content:
            application/json:
              schema:
                type: object
                properties:
                  message:
                    type: string
                    description: Confirmation that the challenge was initiated.
              example:
                message: MFA challenge initiated
          headers: {}
        '400':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessage'
              examples:
                Error0001:
                  $ref: '#/components/examples/Error0001'
                Error0009:
                  $ref: '#/components/examples/Error0009'
          headers: {}
        '401':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessage'
              examples:
                Error0020:
                  $ref: '#/components/examples/Error0020'
          headers: {}
        '429':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessage'
              examples:
                Error0018:
                  $ref: '#/components/examples/Error0018'
          headers: {}
        '500':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorMessage'
              examples:
                Error0005:
                  $ref: '#/components/examples/Error0005'
          headers: {}
      security: []
components:
  schemas:
    MFAChallengeInput:
      description: >-
        Information used to request a new MFA verification code via email or
        SMS.
      type: object
      required:
        - mfaToken
        - mfaType
      properties:
        mfaToken:
          type: string
          description: The temporary MFA token received from the access token endpoint.
        mfaType:
          type: string
          enum:
            - app
            - email
            - sms
          description: The MFA method to use for the challenge.
    ErrorMessage:
      description: The response message error.
      type: object
      properties:
        code:
          type: string
          description: A unique, stable identifier for the error.
        title:
          type: string
          description: A brief summary of the issue.
        message:
          type: string
          description: Detailed guidance for resolving the error.
  examples:
    Error0001:
      summary: Missing Fields in Request
      value:
        code: AUT-0001
        title: Missing Fields in Request
        message: >-
          Your request is missing one or more required fields. Please refer to
          the documentation to ensure all necessary fields are included in your
          request.
    Error0009:
      summary: Bad Request
      value:
        code: AUT-0009
        title: Bad Request
        message: >-
          The server could not understand the request due to malformed syntax.
          Please check the listed fields and try again.
    Error0020:
      summary: Invalid MFA Token
      value:
        code: AUT-0020
        title: Invalid MFA Token
        message: >-
          The provided MFA token is invalid or malformed. Please use the token
          received from the access token endpoint.
    Error0018:
      summary: MFA Max Attempts Reached
      value:
        code: AUT-0018
        title: MFA Max Attempts Reached
        message: >-
          The maximum number of MFA verification attempts has been reached.
          Please restart the login process.
    Error0005:
      summary: Internal Server Error
      value:
        code: AUT-0005
        title: Internal Server Error
        message: >-
          The server encountered an unexpected error. Please try again later or
          contact support.

````