Backup Codes for Multi-Factor Authentication (MFA)

Backup Codes provide a fallback method for customers who cannot complete Multi-Factor Authentication (MFA)—for example, if their phone is lost or broken. These codes act as one-time-use alternatives to the second factor, ensures customers can still securely access their accounts.

Typical Workflow

1. Initial MFA Login: The customer successfully logs in using MFA.
2. Backup Code Generation: After logging in, customers can generate Backup Codes as a contingency. Use one of the following APIs:
   • Generate Backup Code by Access Token
   • Generate Backup Code by UID
3. Second Factor Unavailable: If the customer cannot access their second factor (e.g., broken phone), they can utilize one of the previously generated Backup Codes.
4. Backup Code Validation: The customer enters a Backup Code to complete authentication. Each code is valid only once. Use the following API:
   • Validate Backup Code

Resetting Backup Codes

If customers want to regenerate a new set of Backup Codes, they can reset using:

• Reset Backup Code by Access Token
• Reset Backup Code by UID

Related Resources

• Multi-Factor Authentication
• Authentication API overview
• Security