POST /mfa/step-up
Perform secondary MFA verification for sensitive operations of logged-in users, supporting TOTP, SMS, and email. Rate limiting is applied. Reference: NIST SP 800-63B §5.1.7, OWASP ASVS V2.8.
Multi-Factor Authentication `bearerAuth` application/json
Request Body
Schema: dto.StepUpRequest
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| code | string | Yes | 123456 | | |
| method | string | Yes | totp | enum: `totp`, `sms`, `email` | |
| user_id | string | Yes | usr_abc123 | | |
Referenced Schemas
dto.StepUpDetailResponse
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| code | integer | No | | | |
| data | dto.StepUpResponse | No | | | |
| message | string | No | | | |
| timestamp | string | No | | | |
dto.StepUpResponse
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| expires_in | integer | No | 300 | | |
| message | string | No | step-up authentication successful | | |
| step_up_token | string | No | eyJ... | | |
| valid | boolean | No | True | | |
gitee_com_linmes_authms_base_dto.SimpleResponse
| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| code | integer | No | | | |
| message | string | No | | | |
| timestamp | string | No | | | |
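
Client-side handling of the schemas above, as an added example (not the project's own code): it validates a `dto.StepUpRequest` against the stated required fields and `method` enum, and reads a `dto.StepUpDetailResponse` so that a missing `data`, `valid`, `step_up_token` or `expires_in` is treated as a denial, since the schema marks every response field optional. The Go type names, `Validate`, `ParseStepUp` and the fail-closed policy are assumptions of this example; the sample body is constructed from the example values in the tables.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// StepUpRequest mirrors dto.StepUpRequest; all three fields are required.
type StepUpRequest struct {
	Code   string `json:"code"`
	Method string `json:"method"`
	UserID string `json:"user_id"`
}

var methods = map[string]bool{"totp": true, "sms": true, "email": true}

// Validate checks only what the schema states: required fields and the method enum.
func (r StepUpRequest) Validate() error {
	if r.Code == "" || r.UserID == "" || !methods[r.Method] {
		return errors.New("code, user_id and method (totp, sms or email) are required")
	}
	return nil
}

// StepUpDetailResponse keeps only the dto.StepUpDetailResponse fields used here.
type StepUpDetailResponse struct {
	Data *struct {
		ExpiresIn   int    `json:"expires_in"`
		StepUpToken string `json:"step_up_token"`
		Valid       bool   `json:"valid"`
	} `json:"data"`
}

// ParseStepUp fails closed: every response field is optional, so absence is a denial.
func ParseStepUp(body []byte, now time.Time) (string, time.Time, error) {
	var resp StepUpDetailResponse
	err := json.Unmarshal(body, &resp)
	d := resp.Data
	if err != nil || d == nil || !d.Valid || d.StepUpToken == "" || d.ExpiresIn <= 0 {
		return "", time.Time{}, errors.New("step-up not granted")
	}
	return d.StepUpToken, now.Add(time.Duration(d.ExpiresIn) * time.Second), nil
}

func main() { // constructed response body, built from the example values in the tables
	body := []byte(`{"data":{"valid":true,"step_up_token":"eyJ...","expires_in":300}}`)
	fmt.Println(ParseStepUp(body, time.Now()))
}
```

The returned expiry is computed from the client's clock at receipt, so a caller should discard the token at or before that time rather than wait for the server to reject it.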