Dear team,
we were using the below API to know if the user has enabled mfa or not using the flag mfa.read.
Although the swager.json says we can use the handler mfa.read to get the information,
the API always gave error.
{
"key": "resourceNotFound",
"context": "GET /users/{account_id}/manage/mfa.read does not exist in the Swagger for this application",
"errorKey": "resource-not-found",
"errorDetail": "GET /users/{account_id}/manage/mfa.read does not exist in the Swagger for this application",
"traceDetail": {
"traceId": "91264013c1cd0d73",
"spanId": "6bcd049c99276774",
"parentSpanId": "c670299230ef6a26"
}
}
The below documentation does say that the information can be obtained for the same.
https://developer.atlassian.com/cloud/admin/user-management/rest/#api-users-account-id-manage-get
I have raised a ticket for the same which is below
JST-532526 User API for MFA.read gives error
Can somebody help to shed some light for the issue that we are encountering.
Hello @Vinod ,
The User Management REST API endpoint you are calling is working as expected. However, you are passing the parameter in a wrong way and that's why it is failing for you.
As written in the documentation, you have to pass (append to the URL) the query parameter privileges followed by a comma separated list of values, while you are adding the value mfa.read to the URL itself (instead of passing it as a parameter).
So, to summarize, the right/expected format is:
While you are calling:
In order to have the REST API call working, you have to replace {account_id} (or <ACCOUNT_ID> in my example) with the real account id of the users you want to get the data from.
I can confirm that the REST API works as expected if the correct endpoint is provided (replace <API-KEY> with the api_key you generate in admin.atlassian.com for your organization and <ACCOUNT_ID> with the account_id of the user you want to get the information:
curl -H 'Authorization: Bearer <API_KEY>' -H 'Accept: application/json' -X GET https://api.atlassian.com/users/<ACCOUNT_ID>/manage?privileges=mfa.read
{"mfa.read":{"allowed":true}}
For further details on this, please review:
Cheers,
Dario
Also, just FYI, I have created a Documentation request to have the parameters added to the list of the accepted values:
Cheers,
Dario
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Vinod ,
I made some more tests and I can confirm that the endpoint is always returning "allowed":true regardless MFA is enabled or not for the user/organization.
I have created below bug request to have this issue fixed:
Please vote for the above bug ticket and set yourself as a watcher so that you will be notified in case of any update/progress. The bug will be addressed according to the Atlassian Cloud bug fixing policy.
Cheers,
Dario
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.