This endpoint adds the standard set of two-factor authentication (2FA) messages (registrationVerification,resendVerification, and secondFactor) to the specified flow. Note that you can use 2FA without calling this endpoint. However, you won’t be able to modify any of those messages unless you call the/config/{appId}/flows/{flow}/2faMessages endpoint and add the messages to your flow.

Note, too, that this endpoint only adds US English versions of the 2FA messages to a flow. However, you can use the /config/{appId}/flows/{flow}/locales/{locale}/2faMessages/{message} endpoint to create localized versions of the messages as needed.

This endpoint supports the following methods:

  • POST



Adds the default collection of 2FA messages to the specified flow.

URI Parameters

URI parameters that must be included in the request are listed in the following table:








Unique identifier of the Identity Cloud application associated with the 2FA messages.




Name of the flow where the 2FA messages are being added. Note that flow names are case-sensitive: if your flow is named standard then an error occurs if you list the flow as, say,  Standard.


This endpoint requires Basic authentication. When configuring authentication, use your client ID as the username and your client secret as the password.

Sample Request (curl)

The following command adds the default set of 2FA messages to the standard flow:

curl -L -X POST \
2faMessages' \
    -H 'Authorization: Basic eTR4Zmc2ZjQ0bXNhYzN2ZXBqanZ4Z2d6dnQzZTNzazk6OTVjY3hrN2


204 No Content

No API response is returned if your call succeeds. However, you will get back the HTTP status code 204 No Content.

Error Response Codes

The following table includes information about some of the other response codes that you might encounter when calling this endpoint.

Response Code



This flow already has 2faMessages. Occurs if you make an API call against a flow that already contains a set of 2FA messages. You cannot use this endpoint to overwrite an existing set of messages.