Multi-factor authentication for inbound REST

You can submit a multi-factor authentication token with user credentials to authenticate an MFA-enabled user account using REST.

When multi-factor authentication is enabled for a user account, you must submit an MFA token with basic auth credentials when making REST requests as that user.

To send an MFA token with a REST request, append the token to the end of the user's password in the basic auth username:password string, such as joe.employee:password62161147. Encode the full string including the MFA token using base64 encoding, then send the encoded string in the Authorization header.