MFA Service

Port 11005 · 70 endpoints · micro-services/mfa-service/

Admin

Method	Path	Summary
GET	`/admin/mfa/push/challenges`	管理端查看推送挑战列表	detail →
GET	`/admin/mfa/push/stats`	获取Push MFA挑战统计	detail →

Internal

Method	Path	Summary
GET	`/internal/mfa/push/challenge/{id}`	内部获取Push挑战状态	detail →

MFA

Method	Path	Summary
GET	`/admin/mfa/config-audit-logs`	获取MFA配置审计日志	detail →
GET	`/admin/mfa/ip-whitelist`	列出IP白名单	detail →
POST	`/admin/mfa/ip-whitelist`	创建IP白名单	detail →
DELETE	`/admin/mfa/ip-whitelist/{id}`	删除IP白名单	detail →
GET	`/admin/mfa/ip-whitelist/{id}`	获取IP白名单	detail →
PUT	`/admin/mfa/ip-whitelist/{id}`	更新IP白名单	detail →
GET	`/admin/mfa/push/challenges`	管理端查看推送挑战列表	detail →
GET	`/admin/mfa/push/stats`	获取Push MFA挑战统计	detail →
DELETE	`/admin/mfa/reset/{user_id}`	管理员重置用户MFA	detail →
GET	`/admin/mfa/risk-policies`	列出所有风险策略	detail →
POST	`/admin/mfa/risk-policies/evaluate`	评估风险策略	detail →
DELETE	`/admin/mfa/risk-policies/{level}`	删除指定等级的风险策略	detail →
PUT	`/admin/mfa/risk-policies/{level}`	更新指定等级的风险策略	detail →
GET	`/admin/mfa/risk-policy`	获取MFA风险策略	detail →
PUT	`/admin/mfa/risk-policy`	更新MFA风险策略	detail →
POST	`/internal/mfa/erase`	内部擦除用户MFA数据	detail →
GET	`/internal/mfa/push/challenge/{id}`	内部获取Push挑战状态	detail →
GET	`/internal/mfa/status/{user_id}`	内部获取用户MFA状态	detail →
GET	`/internal/mfa/totp/devices`	内部获取TOTP设备列表	detail →
POST	`/internal/mfa/totp/disable`	内部禁用TOTP	detail →
POST	`/internal/mfa/totp/validate`	内部验证TOTP码	detail →
GET	`/mfa/backup-codes`	查看备用码	detail →
GET	`/mfa/backup-codes/count`	查看备用码数量	detail →
POST	`/mfa/backup-codes/generate`	生成备用恢复码	detail →
POST	`/mfa/backup-codes/verify`	独立备用码验证	detail →
POST	`/mfa/challenge`	创建通用MFA挑战	detail →
POST	`/mfa/credentials/{id}/primary`	设置主认证方式	detail →
GET	`/mfa/devices/sync`	列出同步设备	detail →
POST	`/mfa/devices/sync`	同步设备数据	detail →
POST	`/mfa/email/disable`	禁用邮箱 MFA	detail →
PUT	`/mfa/email/enroll`	Email MFA注册	detail →
POST	`/mfa/email/send`	发送邮箱验证码	detail →
POST	`/mfa/email/verify`	验证邮箱验证	detail →
GET	`/mfa/methods`	列出MFA方法	detail →
DELETE	`/mfa/methods/{method_type}`	删除MFA方法	detail →
POST	`/mfa/push/approve`	批准Push MFA挑战	detail →
POST	`/mfa/push/challenge`	创建Push MFA挑战	detail →
GET	`/mfa/push/challenge/{id}`	获取Push挑战状态	detail →
POST	`/mfa/push/deny`	拒绝Push MFA挑战	detail →
GET	`/mfa/push/history`	获取Push MFA挑战历史	detail →
POST	`/mfa/sms/disable`	禁用短信 MFA	detail →
PUT	`/mfa/sms/enroll`	SMS MFA注册	detail →
POST	`/mfa/sms/send`	发送短信验证码	detail →
POST	`/mfa/sms/verify`	验证短信验证	detail →
GET	`/mfa/status/{user_id}`	获取用户MFA状态	detail →
POST	`/mfa/step-up`	MFA步进认证	detail →
GET	`/mfa/totp/devices`	列出TOTP设备	detail →
POST	`/mfa/totp/devices`	注册TOTP设备	detail →
DELETE	`/mfa/totp/devices/{id}`	撤销TOTP设备	detail →
GET	`/mfa/totp/devices/{id}`	获取TOTP设备详情	detail →
POST	`/mfa/totp/devices/{id}/disable`	禁用TOTP设备	detail →
POST	`/mfa/totp/devices/{id}/enable`	启用TOTP设备	detail →
POST	`/mfa/totp/disable`	禁用TOTP	detail →
POST	`/mfa/totp/enable`	启用TOTP多因素认证	detail →
POST	`/mfa/totp/setup`	启用TOTP多因素认证	detail →
POST	`/mfa/totp/validate`	验证TOTP码（登录时）	detail →
POST	`/mfa/totp/verify`	验证并启用TOTP	detail →
DELETE	`/mfa/trusted-devices`	撤销所有受信设备	detail →
GET	`/mfa/trusted-devices`	列出受信设备	detail →
POST	`/mfa/trusted-devices`	记住受信设备	detail →
GET	`/mfa/trusted-devices/check`	检查设备是否受信	detail →
POST	`/mfa/trusted-devices/cleanup`	清理过期受信设备	detail →
DELETE	`/mfa/trusted-devices/{id}`	撤销受信设备	detail →
GET	`/mfa/trusted-devices/{id}`	获取受信设备详情	detail →
GET	`/mfa/webauthn/credentials`	列出WebAuthn凭证	detail →
POST	`/mfa/webauthn/credentials/register`	开始WebAuthn凭证注册	detail →
POST	`/mfa/webauthn/credentials/register/verify`	完成WebAuthn凭证注册	detail →
DELETE	`/mfa/webauthn/credentials/{id}`	删除WebAuthn凭证	detail →
GET	`/mfa/webauthn/credentials/{id}`	获取WebAuthn凭证详情	detail →
PUT	`/mfa/webauthn/credentials/{id}`	重命名WebAuthn凭证	detail →