# Multi-factor authentication settings > **Work in progress!**\ > This API is a work in progress and may change in future releases.\ > In this version, allowing MFA to a user automatically enables it for them. ## API actions API path: `panel/user/mfa/settings`. ### update Updates users' MFA settings. *required permissions*: `users: "update"`. #### Parameters | name | description | type | | -------- | -------------------------- | ------------------------------- | | target | Target of the update. | [Update target](#update-target) | | settings | MFA settings for the user. | [MFA settings](#mfa-settings) | **Update target** | name | description | type | | ---- | -------------------------------------------------------------------------- | -------------------------- | | type | Specifies the type of the target: it could be either `all` or `selected`. | string | | ids | Used only when the `type` is `selected`. Specifies the `ids` of the users. | array of positive integers | #### Example {% code title="cURL" %} ```sh curl -X POST 'https://api.eu.navixy.com/v2/panel/user/mfa/settings/update' \ -H 'Authorization: NVX 22eac1c27af4be7b9d04da2ce1af111b' \ -H 'Content-Type: application/json' \ -d '{ "target": { "type": "all" }, "settings": { "type": "disallowed" } }' ``` {% endcode %} #### Response ```json { "success": true } ``` #### Errors * 201 – Not found in the database — if the specified user does not exist or belongs to a different dealer. ### read default Reads default MFA settings which are applied to the newly created users. *required permissions*: `users: "read"`. #### Example {% code title="cURL" %} ```sh curl -X POST 'https://api.eu.navixy.com/v2/panel/user/mfa/settings/default/read' \ -H 'Authorization: NVX 22eac1c27af4be7b9d04da2ce1af111b' ``` {% endcode %} #### Response ```json { "success": true, "value": { "type": "disallowed" } } ``` * `value` - optional [MFA settings](#mfa-settings). ### update default Updates default MFA settings which are applied to the newly created users. *required permissions*: `users: "update"`. #### Parameters | name | description | type | | -------- | --------------------------- | ----------------------------- | | settings | MFA settings for the users. | [MFA settings](#mfa-settings) | #### Example {% code title="cURL" %} ```sh curl -X POST 'https://api.eu.navixy.com/v2/panel/user/mfa/settings/default/update' \ -H 'Authorization: NVX 22eac1c27af4be7b9d04da2ce1af111b' \ -H 'Content-Type: application/json' \ -d '{ "settings": { "type": "disallowed" } }' ``` {% endcode %} #### Response ```json { "success": true } ``` ## Types ### MFA settings ```json { "type": "allowed", "factor_types": ["email"] } ``` * `type` - [settings action type](#settings-action-type). * `factor_types` - optional array of [factor types](#factor-type). Required if `type` is `allowed`. ### Settings action type * `allowed` - MFA with specified types is allowed for the users. * `disallowed` - MFA is disallowed for the users. ### Factor type * `email` - a multi-digit code sent by email. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://navixy.com/docs/navixy-api/panel-api/resources/user/mfa-settings.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.