# Bind MFA verification by verificationId

**POST /api/experience/profile/mfa**

Bind new MFA verification to the user profile using the verificationId.


## Servers
- Logto endpoint address.: https://[tenant_id].logto.app (Logto endpoint address.)



## Parameters



## Body parameters
Content-type: application/json

- **type** (string)
  The type of MFA.
- **verificationId** (string)
  The ID of the MFA verification record.

## Responses
### 204: The MFA verification has been successfully added to the user profile.

### 400: Invalid request. <br/>- `session.verification_failed:` The MFA verification record is invalid or not verified. <br/>- `session.mfa.mfa_factor_not_enabled:` The MFA factor is not enabled in the sign-in experience settings. <br/>- `session.mfa.pending_info_not_found:` The MFA verification record does not have the required information to bind the MFA verification.

### 403: Forbidden

### 404: Entity not found. <br/> - `session.identifier_not_found:` The user has not been identified yet. The MFA verification can only be added to a identified user. <br/>- `session.verification_session_not_found:` The MFA verification record is not found.

### 422: The MFA verification can not been processed, check error message for more details. <br/>- `user.totp_already_in_use`: A TOTP MFA secret is already in use in the current user profile. <br/>- `session.mfa.backup_code_can_not_be_alone`: The backup code can not be the only MFA factor in the user profile.


[Powered by Bump.sh](https://bump.sh)