Postman collection for self-service MFA enrollment

This guide helps you to test the CyberArk Identity self-service MFA enrollment related APIs using postman collection. Postman is an HTTP testing API application that allows you to monitor requests and responses.



Import postman collection

Run in Postman

Get started with postman collection

Once the postman collection is imported, the following variables must be pre-filled to run the collection based on the functionality you want to try out.

The following variables should be pre-filled for authentication profile management:

Variable nameDescription
tenant_urlThe URL of the CyberArk Identity tenant ( The URL will be used for all API requests to CyberArk Identity.
usernameThe username of the CyberArk Identity directory user.
passwordThe password of the CyberArk Identity directory user.
sq_answerThe answer to the security question to be added.
sq_questionThe security question to be added,
phone_pinThe phone PIN is required to a setup a phone call as MFA.
oath_otpThe time-based one-time password to set up the OATH OTP.
android_versionThe version of the android phone that needs to be enrolled.
ios_versionThe version of the iOS phone that needs to be enrolled.
fido2_security_idThe credential ID generated by the FIDO2 authenticator
fido2_raw_idThe ArrayBuffer contained in the [[identifier]] internal slot.
fido2_challengeThe challenge used for generating the newly created credential’s attestation object. This challenge can be generated using the /U2f/GetRegistrationChallenge API
fido2_authenticator_typeThe FIDO2 authenticator type can either be "SECURITYKEY" for FIDO2 security key or "ONDEVICEAUTHENTICATOR" for on-device authenticator.
fido2_attestation_objectThe attestation object that contains authenticator data and attestation statement.
fido2_client_dataThis attribute, inherited from AuthenticatorResponse, contains the JSON-compatible serialization of client data
fido2_security_key_nameThe name for the FIDO2 security key
new_passwordThe new password for the user.
old_passwordThe old password of the user that needs to be changed.