tl;dr

The endpoint /api/v2/users/{userId}/authenticators is not documented but it returns all authenticators which I needed to create user-friendly interface of MFA.
My question is when will the endpoint be documented or be public? while I’m afraid if the endpoint is suddenly changed or removed.

It seems some users also have trouble with this.

• Accessing User MFA Enrollment Status
• Retrieve all Guardian enrollments for a user always returns 1 enrollment

Detail

I needed to list all enrollments of a user to make a user-friendly interface of MFA.
I’ve found that there is /api/v2/users/{userId}/enrollments but it only returns a first confirmed enrollment thus it is useless for my purpose.

Then, I’ve found that the guardian_authenticators attribute of a user which is shown in ‘Raw JSON’ tab on Auth0 Dashboard seems to have what I needed.
However, unfortunately, I could not get that field through /api/v2/users/{userId}.

After while, thanks to Serjlee in https://github.com/go-auth0/auth0/pull/110, I’ve found that /api/v2/users/{userId}/authenticators returns exactly same information with guardian_authenticators like:

[
  {
    "id": "email|dev_xxxxxxxxxxxxxxxx",
    "type": "email",
    "confirmed": true,
    "name": "test*******@test**********",
    "created_at": "2020-10-27T07:10:29.000Z",
    "last_auth_at": "2020-10-27T07:15:17.000Z"
  },
  {
    "id": "totp|dev_xxxxxxxxxxxxxxxx",
    "type": "totp",
    "confirmed": false,
    "created_at": "2020-10-27T07:13:28.000Z"
  },
  {
    "id": "push|dev_xxxxxxxxxxxxxxxx",
    "type": "push",
    "confirmed": true,
    "name": "test-test-test",
    "created_at": "2020-10-27T07:13:41.000Z",
    "enrolled_at": "2020-10-27T07:13:55.000Z",
    "last_auth_at": "2020-10-28T10:58:56.000Z",
    "link_id": "dev_xxxxxxxxxxxxxxxx"
  },
  {
    "id": "totp|dev_xxxxxxxxxxxxxxxx",
    "type": "totp",
    "confirmed": true,
    "created_at": "2020-10-27T07:13:41.000Z",
    "enrolled_at": "2020-10-27T07:13:55.000Z",
    "link_id": "dev_xxxxxxxxxxxxxxxx"
  },
  {
    "id": "recovery-code|dev_xxxxxxxxxxxxxxxx",
    "type": "recovery-code",
    "confirmed": true,
    "created_at": "2020-10-27T07:13:56.000Z",
    "enrolled_at": "2020-10-27T07:13:56.000Z"
  }
]

But the endpoint is not documented thus I opened this topic.

Hi @lambdalisue

This topic is under active development. I can’t guess when anything will be available, but we are working on this issue, to solve it in the best way.

John

Thanks for your reply.

So is there any official way to access active enrollments of a particular user? Or should I use that undocumented endpoint with some fallback code (e.g. returning an empty list) for now?

Hi @lambdalisue

I checked carefully, this is the rare case where the undocumented endpoint can be used.

John

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.