POST
user creation is the registered fingerprint associated with the user.phone_numbers
. You can let the user select the phone number from that list and then make the API call again by specifying the phone_number
you want the 2FA to be sent. This will trigger the 2FA protocol and a PIN will be sent to the selected phone number. The user will be able to verify the device via this API call itself. You can supply validation_pin
under the user object and the verification will be triggered.user_pk
+client_id
+client_secret
. That way the value is still somewhat secret and you won't need to store a different fingerprint for each user.