Step 14: Create the device authentication policy
POST {{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies
The POST /environments/{{envID}}/deviceAuthenticationPolicies operation creates a device authentication policy to specify enabled device types. In this use case, the SMS device type must be enabled in the device authentication policy to receive the text message with the one-time password (OTP) code needed to complete the MFA action.
Request Body
```json
{
  "name": "useCaseDeviceAuthPolicy__{{$timestamp}}",
  "sms": {
    "enabled": true,
    "otp": {
      "failure": {"count": 3, "coolDown": {"duration": 0, "timeUnit": "MINUTES"}},
      "lifeTime": {"duration": 30, "timeUnit": "MINUTES"}
    }
  },
  "email": {
    "enabled": true,
    "otp": {
      "failure": {"count": 3, "coolDown": {"duration": 0, "timeUnit": "MINUTES"}},
      "lifeTime": {"duration": 30, "timeUnit": "MINUTES"}
    }
  },
  "mobile": {
    "enabled": true,
    "otp": {
      "failure": {"count": 3, "coolDown": {"duration": 2, "timeUnit": "MINUTES"}},
      "window": {"stepSize": {"duration": 30, "timeUnit": "SECONDS"}}
    },
    "applications": [
      {
        "id": "{{webApp4MfaId}}",
        "push": {"enabled": false},
        "otp": {"enabled": true},
        "deviceAuthorization": {"enabled": true, "extraVerification": "permissive"},
        "autoEnrollment": {"enabled": true},
        "integrityDetection": "permissive"
      }
    ]
  },
  "totp": {
    "enabled": true,
    "otp": {
      "failure": {"count": 3, "coolDown": {"duration": 2, "timeUnit": "MINUTES"}}
    }
  },
  "voice": {
    "enabled": false,
    "otp": {
      "failure": {"count": 3, "coolDown": {"duration": 0, "timeUnit": "MINUTES"}},
      "lifeTime": {"duration": 30, "timeUnit": "MINUTES"}
    }
  },
  "securityKey": {"enabled": true},
  "forSignOnPolicy": false,
  "platform": {"enabled": true},
  "default": false
}
```
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
| Authorization | string | | |
| Content-Type | string | | |
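
The following Python check is an added example, not part of the PingOne documentation: it reviews a policy body before it is sent, confirming that the SMS device type this use case depends on is enabled and listing enabled device types whose `coolDown` is 0, whose OTP `lifeTime` exceeds a threshold, or whose mobile application uses `permissive` integrity detection. The function names and the 10-minute threshold are assumptions chosen for illustration, and the sample is a trimmed copy of the request body above.

```python
# Added example: pre-flight review of a device authentication policy body.
# MAX_OTP_LIFETIME_S is an assumed local review threshold, not a PingOne limit.
MAX_OTP_LIFETIME_S = 600
OTP_METHODS = ("sms", "email", "voice", "mobile", "totp")
TO_SECONDS = {"SECONDS": 1, "MINUTES": 60}  # the units that appear on this page

def seconds(span):
    """Convert a {"duration": n, "timeUnit": unit} object to seconds."""
    return span["duration"] * TO_SECONDS[span["timeUnit"]]

def review_policy(policy, required=("sms",)):
    """Return (path, message) findings for a policy request body."""
    findings = []
    for method in required:
        if not policy.get(method, {}).get("enabled", False):
            findings.append((method, "required device type is not enabled"))
    for method in OTP_METHODS:
        cfg = policy.get(method, {})
        if not cfg.get("enabled", False):
            continue  # a disabled device type is not reviewed further
        otp = cfg.get("otp", {})
        failure = otp.get("failure", {})
        if "coolDown" in failure and seconds(failure["coolDown"]) == 0:
            findings.append((f"{method}.otp.failure.coolDown",
                             f"coolDown is 0 after {failure.get('count')} failures"))
        if "lifeTime" in otp and seconds(otp["lifeTime"]) > MAX_OTP_LIFETIME_S:
            findings.append((f"{method}.otp.lifeTime",
                             f"OTP valid for {seconds(otp['lifeTime']) // 60} min"))
        for app in cfg.get("applications", []):
            if app.get("integrityDetection") == "permissive":
                findings.append((f"{method}.applications[{app.get('id')}]",
                                 "integrityDetection is permissive"))
    return findings

# Constructed sample: trimmed copy of the request body shown on this page.
_FAIL0 = {"count": 3, "coolDown": {"duration": 0, "timeUnit": "MINUTES"}}
_FAIL2 = {"count": 3, "coolDown": {"duration": 2, "timeUnit": "MINUTES"}}
_LIFE = {"duration": 30, "timeUnit": "MINUTES"}
SAMPLE = {
    "sms": {"enabled": True, "otp": {"failure": _FAIL0, "lifeTime": _LIFE}},
    "voice": {"enabled": False, "otp": {"failure": _FAIL0, "lifeTime": _LIFE}},
    "mobile": {"enabled": True, "otp": {"failure": _FAIL2},
               "applications": [{"id": "{{webApp4MfaId}}",
                                 "integrityDetection": "permissive"}]},
}

if __name__ == "__main__":
    for path, message in review_policy(SAMPLE):
        print(f"{path}: {message}")
```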