POST `/admin/mfa/risk-policies/evaluate`

传入用户上下文（user_id、IP、设备指纹），返回评估的风险等级和要求的MFA方法。参考：NIST SP 800-63B §5.2 (Risk-based Authentication)。需要管理员权限。

MFA `bearerAuth` application/json

Request Body

Schema: dto.EvaluateRiskPolicyRequest

Field	Type	Required	Example	Constraints	Description
`user_id`	`string`	Yes
`device_fingerprint`	`string`	No
`ip`	`string`	No

Responses

Status	Description	Schema
200	评估结果	`dto.EvaluateRiskPolicyDetailResponse`
400	参数错误	`gitee_com_linmes_authms_base_dto.SimpleResponse`
401	未认证	`gitee_com_linmes_authms_base_dto.SimpleResponse`
403	权限不足	`gitee_com_linmes_authms_base_dto.SimpleResponse`
500	服务器内部错误	`gitee_com_linmes_authms_base_dto.SimpleResponse`

Referenced Schemas

dto.EvaluateRiskPolicyDetailResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`data`	`dto.EvaluateRiskPolicyResponse`	No
`message`	`string`	No
`timestamp`	`string`	No

dto.EvaluateRiskPolicyResponse

Field	Type	Required	Example	Constraints	Description
`is_new_device`	`boolean`	No	`False`
`level`	`string`	No	`medium`
`required_methods`	array of string	No	`['["totp"', '"sms"]']`

gitee_com_linmes_authms_base_dto.SimpleResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`message`	`string`	No
`timestamp`	`string`	No

Try this API in Scalar → Download OpenAPI spec (JSON) ↓

↑