Last Updated: Jul 16, 2024
Problem statement
This article addresses the following question:
Is there a way to enable the risk assessment through code using management API without turning on Adaptive MFA?
Solution
To enable the risk assessment from the Dashboard and turn off MFA, use the settings highlighted in the screenshot below:
To make the same changes with the management use the following Management APIs.
Turning off MFA:
This API is already documented in the management API explorer page.
Example:
curl -H “Authorization: Bearer eyJ…redacted” -X PUT -H “Content-Type: application/json” -d ‘’ https://saltukalakus.auth0.com/api/v2/guardian/policies
Turning on Risk Assessment:
To enable the risk assessment, please use the following management API and set AfterAuthentication to true. This API endpoint (https://TENANT_CANONICAL_DOMAIN/api/v2/risk-assessment/config) is not yet documented in the management API explorer.
Example:
curl -H “Authorization: Bearer eyJ…redacted” -X PATCH -H “Content-Type: application/json” -d ‘{“AfterAuthentication”:true}’ https://TENANT_CANONICAL_DOMAIN/api/v2/risk-assessment/config
To turn off the risk assessment, please set the AfterAuthentication parameter to false.
Example:
curl -H “Authorization: Bearer eyJ…redacted” -X PATCH -H “Content-Type: application/json” -d ‘{“AfterAuthentication”:false}’ https://TENANT_CANONICAL_DOMAIN/api/v2/risk-assessment/config