We are creating a self service helpdesk chatbot to assist our employees and reduce calls to our help desk agents. We would like to use the MFA registered auth modes to verify a user within the bot to unlock a user account for example.
Can graph APIs be added to trigger the various MFA auth modes?
DISCLAIMER: For clarification purposes only. Not proposing this API design.
E.g.
GET users/id/mfa/authmodes
Response:
[
{
"id" : 1,
"type" : "authorizer",
"name" : "Authy"
},
{
"id" : 2,
"type" : "security question",
"name" : "Who was your first grade teacher?"
},
{
"id" : 3,
"type" : "security question",
"name" : "What is your favorite color?"
}
]
GET users/{id}/mfa/captcha
POST users/{id}/mfa/authmodes/1/authorize
BODY: { "captcha" : "s0m3Captcha:,
"code" : 123456 }
RESPONSE:
200 or 401