/sys/mfa endpoint focuses on managing Multi-factor Authentication (MFA)
behaviors in Vault Enterprise MFA.
Vault Enterprise allows MFA for login and access to sensitive resources in Vault. The Step-up Enterprise MFA expects the method creator to specify a name for the method; Login MFA does not, and instead returns an ID when a method is created. Although MFA methods supported with Step-up Enterprise MFA are supported with the Login MFA, they use different API endpoints.
- Step-up Enterprise MFA:
- Login MFA:
Note: While the
sys/mfa endpoint is supported for both OSS and Vault Enterprise,
sys/mfa/method/:type/:/name is only supported for Vault Enterprise.
Refer to the Login MFA FAQ document for more details.