Skip to main content
POST
/
api
/
v1
/
sessions
/
elevate
curl -X POST https://api.gosentrix.io/api/v1/sessions/elevate \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "mfa_code": "123456"
  }'

{
  "elevated": true,
  "elevated_until": "2024-01-01T12:15:00Z",
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Elevate your session to perform sensitive operations that require step-up authentication. 
curl -X POST https://api.gosentrix.io/api/v1/sessions/elevate \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "mfa_code": "123456"
  }'

{
  "elevated": true,
  "elevated_until": "2024-01-01T12:15:00Z",
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Request Body

mfa_code
string
required
MFA code from authenticator app or backup code

Response

elevated
boolean
Session elevation status
elevated_until
string
ISO 8601 timestamp when elevation expires (15 minutes)
access_token
string
New access token with elevated permissions

Errors

400
object
Invalid MFA code
401
object
Invalid or missing token
403
object
MFA not enrolled

Notes

  • Elevated sessions last 15 minutes
  • Required for sensitive operations (SSO disable, domain deletion, etc.)
  • See Step-Up Authentication Guide for details