POST Challenge MFA endpoint.
Endpoint
POST
/web/v1/system/security/mfa/tx/challenge WEBAuthentication
- Chain: WEB
- JWT Token: true
- API Key: false
- Permissions: []
- Secure Channel: REQUIRED
Rate Limit
5 requests per 300 seconds.
Headers
Frontend Headers
| Header | Required | Description |
|---|---|---|
| X-LOCALE | Yes | 用户的 locale |
| Accept-Language | No | 语言偏好 |
Cloudflare Headers
| Header | Required | Description |
|---|---|---|
| CF-Connecting-IP | Yes | Client IP from Cloudflare |
| CF-IPCountry | Yes | Client country code |
| CF-Ray | Yes | Cloudflare Ray ID |
| CF-Visitor | Yes | Visitor scheme |
| CF-Worker | No | Cloudflare Worker indicator |
| CF-TCP-Port | No | Client TCP port |
| CF-Edge-Keep-Alive | No | Edge keep-alive status |
| CF-Cache-Status | No | Cache status |
| CDN-Loop | No | CDN loop detection |
| X-Real-IP | Yes | Real client IP |
Nginx Headers
| Header | Required | Description |
|---|---|---|
| X-PORTAL-ACCESS-CODE | Yes | Portal access code |
| X-Real-IP | Yes | 客户端真实 IP |
| X-Forwarded-For | Yes | 代理链 |
| X-Forwarded-Proto | Yes | 协议 |
Request Parameters
No request body.
Response
200 OK
| Field | Type | Description |
|---|---|---|
| data | MfaChallengeResponse | Response data |