Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

User API doesnt return mfa status for the user

Dear team,

we were using the below API to know if the user has enabled mfa or not using the flag mfa.read. 

Although the swager.json says we can use the handler mfa.read to get the information, 

the API always gave error.

{
"key": "resourceNotFound",
"context": "GET /users/{account_id}/manage/mfa.read does not exist in the Swagger for this application",
"errorKey": "resource-not-found",
"errorDetail": "GET /users/{account_id}/manage/mfa.read does not exist in the Swagger for this application",
"traceDetail": {
"traceId": "91264013c1cd0d73",
"spanId": "6bcd049c99276774",
"parentSpanId": "c670299230ef6a26"
}
}

The below documentation does say that the information can be obtained for the same.

https://developer.atlassian.com/cloud/admin/user-management/rest/#api-users-account-id-manage-get

I have raised a ticket for the same which is below

JST-532526 User API for MFA.read gives error

Can somebody help to shed some light for the issue that we are encountering.

1 answer

0 votes
Dario B Atlassian Team Dec 12, 2019

Hello @Vinod ,

The User Management REST API endpoint you are calling is working as expected. However, you are passing the parameter in a wrong way and that's why it is failing for you.

As written in the documentation, you have to pass (append to the URL) the query parameter privileges followed by a comma separated list of values, while you are adding the value mfa.read to the URL itself (instead of passing it as a parameter).

 

So, to summarize, the right/expected format is: 

While you are calling:

 

In order to have the REST API call working, you have to replace {account_id} (or <ACCOUNT_ID> in my example) with the real account id of the users you want to get the data from.

 

I can confirm that the REST API works as expected if the correct endpoint is provided (replace <API-KEY> with the api_key you generate in admin.atlassian.com for your organization and <ACCOUNT_ID> with the account_id of the user you want to get the information:

curl -H 'Authorization: Bearer <API_KEY>' -H 'Accept: application/json' -X GET https://api.atlassian.com/users/<ACCOUNT_ID>/manage?privileges=mfa.read

 
{"mfa.read":{"allowed":true}}

 

For further details on this, please review:

 

 

Cheers,
Dario

Dario B Atlassian Team Dec 12, 2019

Also, just FYI, I have created a Documentation request to have the parameters added to the list of the accepted values:

Cheers,
Dario

@Dario B thanks a lot for the answer. I am still having issue in identifying if an user has enabled MFA or not. 

Dario B Atlassian Team Dec 19, 2019

Hi @Vinod , 

I made some more tests and I can confirm that the endpoint is always returning "allowed":true regardless MFA is enabled or not for the user/organization.

I have created below bug request to have this issue fixed: 

Please vote for the above bug ticket and set yourself as a watcher so that you will be notified in case of any update/progress. The bug will be addressed according to the Atlassian Cloud bug fixing policy.

 

Cheers,
Dario

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you