Multi-factor authentication REST responses

The response to an MFA authentication request varies depending on the validity of the provided credentials and MFA token.

Table 1. Responses
Result Description
Basic auth credentials and MFA token are valid The user is authenticated and the session created. The request is processed normally.
Basic auth credentials are valid but MFA token is invalid or missing The response returns error 401. The response includes the X-MFA_TOKEN header with the value "invalid".
Basic auth credentials are invalid The response returns error 401. The X-MFA_TOKEN header is not included in the response.