cPanel/TwoFactorAuth
cPanel module

TwoFactorAuth

5 functions, invoked through the cpanel_uapi tool.

scope cpanel:uapi
Call any function with cpanel_uapi(service_id, module="TwoFactorAuth", function, params). Live availability depends on the cPanel features JetHost has enabled on your account — call list_cpanel_operations to see what is active.

generate_user_configuration GET#

Create 2FA authentication code

This function generates an authentication code to enable configuration of two-factor authentication.

No parameters.

Response — normalized as { ok, data, errors[], warnings[] }; data contains:

otpauth_strstring
A one-time authentication URL to encode as the QR code.
secretstring
A generated code for use with two-factor authentication.

get_team_user_configuration GET#

Return team user 2FA config

This function retrieves a team user's configuration settings for two-factor authentication.

team_userstringRequired
The team user's username. Note: The username will always precede the cPanel account's primary domain.

Response — normalized as { ok, data, errors[], warnings[] }; data contains:

is_enabledinteger
Whether two-factor authentication is enabled for the team user. 1 - Enabled. 0 - Disabled.
One of: 0 1
issuerstring
The authentication code issuer's name.

get_user_configuration GET#

Return cPanel account 2FA config

This function retrieves the cPanel account user's configuration settings for two-factor authentication.

No parameters.

Response — normalized as { ok, data, errors[], warnings[] }; data contains:

is_enabledinteger
Whether two-factor authentication is enabled for the account. 1 - Enabled. 0 - Disabled.
One of: 0 1
issuerstring
The authentication code issuer's name.

remove_user_configuration GET#

Remove 2FA config

This function removes the user from the two-factor authentication userdata file.

No parameters.

Response — normalized as { ok, data, errors[], warnings[] }; data contains:

tfa_removedinteger
Whether the system removed the user from the two-factor authentication userdata file. * 1 - Removed. Note: If a removal fails, the system sends a failure response with the reason in the metadata.
One of: 1

set_user_configuration GET#

Save 2FA config

This function configures the two-factor authentication settings for an account.

secretstringRequired
The 16-character string that UAPI's TwoFactorAuth::generate_user_configuration function generates.
tfa_tokenintegerRequired
The six-digit security code that the time-based one-time password (TOTP) authentication app generates.

Response — normalized as { ok, data, errors[], warnings[] }; data contains:

tfa_configuredinteger
Whether two-factor authentication is enabled. 1 - Enabled. 1 - Disabled.
One of: 0 1