Help Center/ IAM Identity Center/ API Reference/ API/ User Management/ Listing MFA Devices of a User
Updated on 2025-08-21 GMT+08:00

Listing MFA Devices of a User

Function

This API is used to list MFA devices of a specified user. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.

URI

POST /v1/identity-stores/{identity_store_id}/users/retrieve-mfa-devices

Table 1 Path parameters

Parameter

Mandatory

Type

Description

identity_store_id

Yes

String

Globally unique ID of an identity source.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

Table 3 Parameters in the request body

Parameter

Mandatory

Type

Description

user_list

Yes

Array of RetrieveMfaDevicesForUserDto objects

User list.

Table 4 RetrieveMfaDevicesForUserDto

Parameter

Mandatory

Type

Description

identity_store_id

Yes

String

Globally unique ID of an identity source.

user_id

Yes

String

Unique user ID.

Response Parameters

Status code: 200

Table 5 Parameters in the response body

Parameter

Type

Description

user_mfa_devices_entry_list

Array of RetrieveMfaDevicesForUserEntryDto objects

MFA device list of a user.

Table 6 RetrieveMfaDevicesForUserEntryDto

Parameter

Type

Description

mfa_devices

Array of MfaDeviceDto objects

MFA device list.

user

RetrieveMfaDevicesForUserDto object

User information.

Table 7 MfaDeviceDto

Parameter

Type

Description

device_id

String

Unique ID of an MFA device.

device_name

String

MFA device name.

display_name

String

Display name of an MFA device.

mfa_type

String

MFA type.

registered_date

Long

Registration time.

Table 8 RetrieveMfaDevicesForUserDto

Parameter

Type

Description

identity_store_id

String

Globally unique ID of an identity source.

user_id

String

Unique user ID.

Status code: 400

Table 9 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

Status code: 403

Table 10 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

encoded_authorization_message

String

Encrypted error message.

Example Request

Listing MFA devices of a specified user

POST https://{hostname}/v1/identity-stores/{identity_store_id}/users/retrieve-mfa-devices

{
  "user_list" : [ {
    "identity_store_id" : "d-a23axxxx",
    "user_id" : "201dca3f-965b-4311-8830-dc7953axxxx"
  } ]
}

Example Response

Status code: 200

Successful

{
  "user_mfa_devices_entry_list" : [ {
    "mfa_devices" : [ {
      "device_id" : "m-fd4e4981d8",
      "device_name" : "MFA1",
      "display_name" : "MFA1",
      "mfa_type" : "TOTP",
      "registered_date" : 1753862382307
    } ],
    "user" : {
      "identity_store_id" : "d-a23adaabca",
      "user_id" : "201dca3f-965b-4311-8830-dc7953aecdcc"
    }
  } ]
}

Status Codes

Status Code

Description

200

Successful.

400

Bad request.

403

Forbidden.

Error Codes

For details, see Error Codes.