Using the API with MFA Enabled

When MFA is enabled for the account PAM will not allow this account to call REST APIs.

The way to proceed in this situation is to use an account or a token generated for an account which does not require MFA authentication while all other accounts that login using GUI do require MFA.

 

Please look at the article about enabling granular control over MFA configuration for different users or groups of users.

Add an account that will be used for API access with none as a provider.

You might want to create a special service Local Account for this and grant it certain permissions or use the one that you used before.

Just keep in mind that this account will not be prompted for MFA token.