Service: zimbraAccount
Namespace: "urn:zimbraAccount"
EnableTwoFactorAuth SOAP Command

Authorization token required UNKNOWN
Admin Authorization token required UNKNOWN

EnableTwoFactorAuthRequest

    <EnableTwoFactorAuthRequest [csrfTokenSecured="(0|1)"]> ## EnableTwoFactorAuthRequest
        <name>{acctName} (String)</name>
        <password>{password} (String)</password>
        <authToken [verifyAccount="(0|1)"] [lifetime="(Long)"]>{value}</authToken> ## AuthToken
        <twoFactorCode>{twoFactorCode} (String)</twoFactorCode>
    </EnableTwoFactorAuthRequest>

The following table describes elements and attributes you can define within a <EnableTwoFactorAuthRequest> element:

XPath Required / Optional Description
@csrfTokenSecured Optional (0 or 1) Type:0|1
Whether the client supports the CSRF token
/name Required (only 1) Type:{acctName} (String)
The name of the account for which to enable two-factor auth
/password Optional (0 or 1) Type:{password} (String)
Password to use in conjunction with an account
/authToken Optional (0 or 1) Type:{value}
Auth token issued during the first 2FA enablement step
Description for element text content:Value for authorization token
/authToken@verifyAccount Optional (0 or 1) Type:0|1
If verifyAccount="1", <account> is required and the account in the auth token is compared to the named account. If verifyAccount="0" (default), only the auth token is verified and any <account> element specified is ignored.
/authToken@lifetime Optional (0 or 1) Type:Long
Life time of the auth token
/twoFactorCode Optional (0 or 1) Type:{twoFactorCode} (String)

EnableTwoFactorAuthResponse

    <EnableTwoFactorAuthResponse> ## EnableTwoFactorAuthResponse
        <secret>{secret} (String)</secret>
        <authToken [verifyAccount="(0|1)"] [lifetime="(Long)"]>{value}</authToken> ## AuthToken
        <scratchCodes>
            (<scratchCode>{scratchCodes} (String)</scratchCode>)*
        </scratchCodes>
        <csrfToken>{csrfToken} (String)</csrfToken>
    </EnableTwoFactorAuthResponse>

The following table describes elements and attributes you can define within a <EnableTwoFactorAuthResponse> element:

XPath Required / Optional Description
/secret Optional (0 or 1) Type:{secret} (String)
/authToken Optional (0 or 1) Type:{value}
Auth token required for completing enabling two-factor authentication
Description for element text content:Value for authorization token
/authToken@verifyAccount Optional (0 or 1) Type:0|1
If verifyAccount="1", <account> is required and the account in the auth token is compared to the named account. If verifyAccount="0" (default), only the auth token is verified and any <account> element specified is ignored.
/authToken@lifetime Optional (0 or 1) Type:Long
Life time of the auth token
/scratchCodes Required (only 1)
/scratchCodes/scratchCode Optional (0 or more) Type:{scratchCodes} (String)
/csrfToken Optional (0 or 1) Type:{csrfToken} (String)