Regenerates MFA backup codes. Requires password and current MFA code
POST /api/user/profile/mfa/backup-codes
Auto-generated from server.go. Handler: s.regenerateBackupCodesProfile.
Authorizations
Section titled “Authorizations ”Request Body
Section titled “Request Body ”object
Responses
Section titled “ Responses ”Backup codes regenerated
Response from POST /api/user/profile/mfa/backup-codes. Returns the
freshly-generated MFA backup codes. Mirrors the gin.H literal in
internal/api/handlers_security.go::regenerateBackupCodesProfile
(hand-lifted Phase 70-03 Session 6 — sampler cannot provide the
current password + valid TOTP code required by the handler).
object
Newly issued one-time backup codes. Caller must store these.
The request body or parameters failed validation.
Standardised error envelope per RFC 7807. Many existing endpoints still
return an older shape (e.g. {"error": "..."}). This schema documents the
target shape; legacy endpoints will be migrated in Phase 70. Per D-21 the
spec describes current behaviour without enforcing the migration here.
object
A URI reference that identifies the problem type.
A short human-readable summary of the problem.
The HTTP status code generated by the origin server.
A human-readable explanation specific to this occurrence.
A URI reference that identifies the specific occurrence.
Legacy error message field. Will be removed once handlers are migrated.
Legacy per-field error details. Will be removed once handlers are migrated.
object
The request id middleware-assigned identifier for tracing.
Authentication is required or the supplied token is invalid.
Standardised error envelope per RFC 7807. Many existing endpoints still
return an older shape (e.g. {"error": "..."}). This schema documents the
target shape; legacy endpoints will be migrated in Phase 70. Per D-21 the
spec describes current behaviour without enforcing the migration here.
object
A URI reference that identifies the problem type.
A short human-readable summary of the problem.
The HTTP status code generated by the origin server.
A human-readable explanation specific to this occurrence.
A URI reference that identifies the specific occurrence.
Legacy error message field. Will be removed once handlers are migrated.
Legacy per-field error details. Will be removed once handlers are migrated.
object
The request id middleware-assigned identifier for tracing.
Internal server error
Standardised error envelope per RFC 7807. Many existing endpoints still
return an older shape (e.g. {"error": "..."}). This schema documents the
target shape; legacy endpoints will be migrated in Phase 70. Per D-21 the
spec describes current behaviour without enforcing the migration here.
object
A URI reference that identifies the problem type.
A short human-readable summary of the problem.
The HTTP status code generated by the origin server.
A human-readable explanation specific to this occurrence.
A URI reference that identifies the specific occurrence.
Legacy error message field. Will be removed once handlers are migrated.
Legacy per-field error details. Will be removed once handlers are migrated.
object
The request id middleware-assigned identifier for tracing.