Enroll a new TOTP factor

curl --request POST \
  --url https://api.mnemom.ai/v1/auth/mfa/enroll \
  --header 'Content-Type: application/json' \
  --cookie mnemom_session= \
  --data '
{
  "friendly_name": "<string>"
}
'

{
  "id": "<string>",
  "type": "totp",
  "totp": {
    "qr_code": "<string>",
    "secret": "<string>",
    "uri": "<string>"
  }
}

POST

auth

mfa

enroll

Enroll a new TOTP factor

curl --request POST \
  --url https://api.mnemom.ai/v1/auth/mfa/enroll \
  --header 'Content-Type: application/json' \
  --cookie mnemom_session= \
  --data '
{
  "friendly_name": "<string>"
}
'

{
  "id": "<string>",
  "type": "totp",
  "totp": {
    "qr_code": "<string>",
    "secret": "<string>",
    "uri": "<string>"
  }
}

Authorizations

mnemom_session

string

required

HttpOnly, Secure, SameSite=Lax cookie issued by /v1/auth/sign-in (or the SSO / email-callback flows). The value is an AES-256-GCM-encrypted blob of {access_token, refresh_token, issued_at, auth_method}. Browser clients include this automatically with credentials: "include".

Body

application/json

friendly_name

string

Response

Factor enrolled (unverified). Supabase passthrough.

string

type

enum<string>

Available options:

totp

totp

object

Show child attributes

List the current user's TOTP factors Unenroll a TOTP factor

⌘I