Связаться с намиПопробовать бесплатно

Identity Hub API, REST: MfaEnforcement.Deactivate

Статья создана
Обновлена 15 декабря 2025 г.

deactivates the specified MFA enforcement

HTTP request

PATCH https://organization-manager.api.yandexcloud.kz/organization-manager/v1/mfaEnforcements/{mfaEnforcementId}:deactivate

Path parameters

Field

Description

mfaEnforcementId

string

Required field. id of the MFA enforcement

The maximum string length in characters is 50.

Response

HTTP Code: 200 - OK

{
  "id": "string",
  "description": "string",
  "createdAt": "string",
  "createdBy": "string",
  "modifiedAt": "string",
  "done": "boolean",
  "metadata": {
    "mfaEnforcementId": "string"
  },
  // Includes only one of the fields `error`, `response`
  "error": {
    "code": "integer",
    "message": "string",
    "details": [
      "object"
    ]
  },
  "response": {
    "id": "string",
    "organizationId": "string",
    "acrId": "string",
    "ttl": "string",
    "status": "string",
    "applyAt": "string",
    "enrollWindow": "string",
    "name": "string",
    "description": "string",
    "createdAt": "string"
  }
  // end of the list of possible fields
}

An Operation resource. For more information, see Operation.

Field

Description

id

string

ID of the operation.

description

string

Description of the operation. 0-256 characters long.

createdAt

string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

createdBy

string

ID of the user or service account who initiated the operation.

modifiedAt

string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

done

boolean

If the value is false, it means the operation is still in progress.
If true, the operation is completed, and either error or response is available.

metadata

DeactivateMfaEnforcementMetadata

Service-specific metadata associated with the operation.
It typically contains the ID of the target resource that the operation is performed on.
Any method that returns a long-running operation should document the metadata type, if any.

error

Status

The error result of the operation in case of failure or cancellation.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

response

MfaEnforcement

The normal response of the operation in case of success.
If the original method returns no data on success, such as Delete,
the response is google.protobuf.Empty.
If the original method is the standard Create/Update,
the response should be the target resource of the operation.
Any method that returns a long-running operation should document the response type, if any.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

DeactivateMfaEnforcementMetadata

Field

Description

mfaEnforcementId

string

id of the MFA enforcement

Status

The error result of the operation in case of failure or cancellation.

Field

Description

code

integer (int32)

Error code. An enum value of google.rpc.Code.

message

string

An error message.

details[]

object

A list of messages that carry the error details.

MfaEnforcement

MFA enforcement resource

Field

Description

id

string

id of the MFA enforcement

organizationId

string

organization id of the MFA enforcement

acrId

string

acr id of the MFA enforcement

ttl

string (duration)

the period during which the entered MFA factor is considered valid and the
corresponding acr is regarded as satisfied

status

enum (MfaEnforcementStatus)

MFA enforcement status

  • MFA_ENFORCEMENT_STATUS_ACTIVE
  • MFA_ENFORCEMENT_STATUS_INACTIVE
  • MFA_ENFORCEMENT_STATUS_DELETING

applyAt

string (date-time)

the MFA enforcement application start time.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

enrollWindow

string (duration)

the time window during which the user is allowed to create an MFA profile.
this window is measured relative to the MFA enforcement application start time
and the user's most recent successful authentication that falls under the rule
(or the user's creation time, if there has been no authentication).

name

string

name of the MFA enforcement

description

string

description of the MFA enforcement

createdAt

string (date-time)

creation timestamp

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).
Предыдущая
Activate
Следующая
Delete