Creates a Challenge for an Authentication Factor.
import { WorkOS } from '@workos-inc/node'; const workos = new WorkOS('sk_example_123456789'); const challenge = await workos.mfa.challengeFactor({ authenticationFactorId: 'auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F', smsTemplate: 'Your code is {{code}}', });
{ "object": "authentication_challenge", "id": "auth_challenge_01FVYZ5QM8N98T9ME5BCB2BBMJ", "expires_at": "2026-01-15T12:00:00.000Z", "code": "123456", "authentication_factor_id": "auth_factor_01FVYZ5QM8N98T9ME5BCB2BBMJ", "created_at": "2026-01-15T12:00:00.000Z", "updated_at": "2026-01-15T12:00:00.000Z" }
| curl --request POST \ | |
| --url "https://api.workos.com/auth/factors/auth_factor_01FVYZ5QM8N98T9ME5BCB2BBMJ/challenge" \ | |
| --header "Authorization: Bearer sk_example_123456789" \ | |
| --header "Content-Type: application/json" \ | |
| -d @- <<'BODY' | |
| { | |
| "sms_template": "Your verification code is {{code}}." | |
| } | |
| BODY |
| import { WorkOS } from '@workos-inc/node'; | |
| const workos = new WorkOS('sk_example_123456789'); | |
| const challenge = await workos.mfa.challengeFactor({ | |
| authenticationFactorId: 'auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F', | |
| smsTemplate: 'Your code is {{code}}', | |
| }); |
| require "workos" | |
| WorkOS.configure do |config| | |
| config.key = "sk_example_123456789" | |
| end | |
| challenge = WorkOS::MFA.challenge_factor( | |
| authentication_factor_id: "auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F", | |
| sms_template: "Your code is {{code}}" | |
| ) |
| from workos import WorkOSClient | |
| workos_client = WorkOSClient( | |
| api_key="sk_example_123456789", client_id="client_123456789" | |
| ) | |
| factor_id = "auth_factor_01FY7SABJNSPYR7CT052GNDQ49" | |
| message = "Your code is {{code}}" | |
| authentication_challenge = workos_client.mfa.challenge_factor( | |
| authentication_factor_id=factor_id, sms_template=message | |
| ) |
| package main | |
| import ( | |
| "context" | |
| "github.com/workos/workos-go/v3/pkg/mfa" | |
| ) | |
| func main() { | |
| mfa.SetAPIKey("sk_example_123456789") | |
| challenge, err := mfa.ChallengeFactor( | |
| context.Background(), | |
| mfa.ChallengeFactorOpts{ | |
| FactorID: "auth_factor_01FVYZ5QM8N98T9ME5BCB2BBM", | |
| SMSTemplate: "Your code is {{code}}", | |
| }, | |
| ) | |
| } |
| <?php | |
| WorkOS\WorkOS::setApiKey("sk_example_123456789"); | |
| $mfa = new WorkOS\MFA(); | |
| $authenticationFactorId = "auth_factor_01FXNWW32G7F3MG8MYK5D1HJJM"; | |
| $smsTemplate = "Your code is {{code}}"; | |
| $challenge = $mfa->challengeFactor($authenticationFactorId, $smsTemplate); |
| import com.workos.WorkOS; | |
| import com.workos.mfa.MfaApi.ChallengeFactorOptions; | |
| import com.workos.mfa.models.Challenge; | |
| WorkOS workos = new WorkOS("sk_example_123456789"); | |
| String authenticationFactorId = "auth_factor_01FY7SABJNSPYR7CT052GNDQ49"; | |
| ChallengeFactorOptions options = ChallengeFactorOptions.builder() | |
| .authenticationFactorId(authenticationFactorId) | |
| .build(); | |
| Challenge challenge = workos.mfa.challengeFactor(options); |
| WorkOS.SetApiKey("sk_example_123456789"); | |
| var mfaService = new MfaService(); | |
| var options = new ChallengeSmsFactorOptions("Your FooCorp is {{code}}.") { | |
| FactorId = "auth_factor_01FVYZ5QM8N98T9ME5BCB2BBMJ", | |
| }; | |
| var challenge = await mfaService.ChallengeFactor(options); |
| { | |
| "object": "authentication_challenge", | |
| "id": "auth_challenge_01FVYZ5QM8N98T9ME5BCB2BBMJ", | |
| "expires_at": "2026-01-15T12:00:00.000Z", | |
| "code": "123456", | |
| "authentication_factor_id": "auth_factor_01FVYZ5QM8N98T9ME5BCB2BBMJ", | |
| "created_at": "2026-01-15T12:00:00.000Z", | |
| "updated_at": "2026-01-15T12:00:00.000Z" | |
| } |
POST/authParameters Returns Verifies an Authentication Challenge.
import { WorkOS } from '@workos-inc/node'; const workos = new WorkOS('sk_example_123456789'); const { challenge, valid } = await workos.mfa.verifyChallenge({ authenticationChallengeId: 'auth_challenge_01FVYZWQTZQ5VB6BC5MPG2EYC5', code: '123456', });
{ "challenge": { "object": "authentication_challenge", "id": "auth_challenge_01FVYZ5QM8N98T9ME5BCB2BBMJ", "expires_at": "2026-01-15T12:00:00.000Z", "code": "123456", "authentication_factor_id": "auth_factor_01FVYZ5QM8N98T9ME5BCB2BBMJ", "created_at": "2026-01-15T12:00:00.000Z", "updated_at": "2026-01-15T12:00:00.000Z" }, "valid": true }
| curl --request POST \ | |
| --url "https://api.workos.com/auth/challenges/auth_challenge_01FVYZ5QM8N98T9ME5BCB2BBMJ/verify" \ | |
| --header "Authorization: Bearer sk_example_123456789" \ | |
| --header "Content-Type: application/json" \ | |
| -d @- <<'BODY' | |
| { | |
| "code": "123456" | |
| } | |
| BODY |
| import { WorkOS } from '@workos-inc/node'; | |
| const workos = new WorkOS('sk_example_123456789'); | |
| const { challenge, valid } = await workos.mfa.verifyChallenge({ | |
| authenticationChallengeId: 'auth_challenge_01FVYZWQTZQ5VB6BC5MPG2EYC5', | |
| code: '123456', | |
| }); |
| require "workos" | |
| WorkOS.configure do |config| | |
| config.key = "sk_example_123456789" | |
| end | |
| response = WorkOS::MFA.verify_challenge( | |
| authentication_challenge_id: "auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J", | |
| code: "123456" | |
| ) |
| from workos import WorkOSClient | |
| workos_client = WorkOSClient( | |
| api_key="sk_example_123456789", client_id="client_123456789" | |
| ) | |
| challenge_id = "auth_challenge_01FY7SGMZVEQ8AAGZER2XRQ5NJ" | |
| challenge_code = "123456" | |
| response = workos_client.mfa.verify_challenge( | |
| authentication_challenge_id=challenge_id, code=challenge_code | |
| ) |
| package main | |
| import ( | |
| "context" | |
| "github.com/workos/workos-go/v3/pkg/mfa" | |
| ) | |
| func main() { | |
| mfa.SetAPIKey("sk_example_123456789") | |
| verify, err := mfa.VerifyChallenge( | |
| context.Background(), | |
| mfa.VerifyChallengeOpts{ | |
| ChallengeID: "auth_challenge_01FVYZ5QM8N98T9ME5BCB2BBM", | |
| Code: "123456", | |
| }, | |
| ) | |
| } |
| <?php | |
| WorkOS\WorkOS::setApiKey("sk_example_123456789"); | |
| $mfa = new WorkOS\MFA(); | |
| $authenticationChallengeId = "auth_challenge_01FXNX3BTZPPJVKF65NNWGRHZJ"; | |
| $code = "123456"; | |
| $response = $mfa->verifyChallenge($authenticationChallengeId, $code); |
| import com.workos.WorkOS; | |
| import com.workos.mfa.MfaApi.VerifyChallengeOptions; | |
| import com.workos.mfa.MfaApi.VerifyChallengeResponse; | |
| WorkOS workos = new WorkOS("sk_example_123456789"); | |
| String authenticationChallengeId = "auth_challenge_01FVYZWQTZQ5VB6BC5MPG2EYC5"; | |
| String code = "123456"; | |
| VerifyChallengeOptions options = VerifyChallengeOptions.builder() | |
| .authenticationChallengeId(authenticationChallengeId) | |
| .code(code) | |
| .build(); | |
| VerifyChallengeResponse response = workos.mfa.verifyChallenge(options); |
| WorkOS.SetApiKey("sk_example_123456789"); | |
| var mfaService = new MfaService(); | |
| var options = new VerifyChallengeOptions { | |
| ChallengeId = "auth_challenge_01FVYZWQTZQ5VB6BC5MPG2EYC5", | |
| Code = "123456", | |
| }; | |
| var response = await mfaService.VerifyChallenge(options); |
| { | |
| "challenge": { | |
| "object": "authentication_challenge", | |
| "id": "auth_challenge_01FVYZ5QM8N98T9ME5BCB2BBMJ", | |
| "expires_at": "2026-01-15T12:00:00.000Z", | |
| "code": "123456", | |
| "authentication_factor_id": "auth_factor_01FVYZ5QM8N98T9ME5BCB2BBMJ", | |
| "created_at": "2026-01-15T12:00:00.000Z", | |
| "updated_at": "2026-01-15T12:00:00.000Z" | |
| }, | |
| "valid": true | |
| } |
POST/authParameters Returns