Enable risk assessment with the management API

Problem statement

We are trying to get the risk assessment info in the logs for every user login and want to turn on this option through the code using management API. Is there a way to enable the risk assessment through code without turning on Adaptive MFA?

Solution

For enabling the risk assessment from the dashboard and turning off MFA, you may use the settings I have highlighted in the screenshot below.



To make the same changes with the management you may use the following Management APIs.

# Turning off MFA:

This API is already documented in our management API explorer page;

Sample;

curl -H "Authorization: Bearer eyJ..redacted" -X PUT -H "Content-Type: application/json" -d '[]'

# Turning on Risk Assessment:

Use the following management API and set AfterAuthentication to true. This API isn’t documented in the management API explorer yet;

Sample:

curl -H "Authorization: Bearer eyJ..redacted" -X PATCH -H "Content-Type: application/json" -d '{"AfterAuthentication":true}'

If you need to Turn off the risk assessment, you need to set the AfterAuthentication parameter to false;

Sample:

curl -H "Authorization: Bearer eyJ..redacted" -X PATCH -H "Content-Type: application/json" -d '{"AfterAuthentication":false}'