Skip to main content
POST
Start authenticator app enrollment

Authorizations

Authorization
string
header
required

Session JWT (from register/login) or API key (pk_...). X-API-Key: <token> is accepted as an alternative header.

Body

application/json
password
string

Response

Secret + otpauth URI + QR PNG.

Last modified on July 18, 2026