---
title: Create Authentication Code
description: The POST /{{envID}}/authenticationCodes operation creates an authentication code for use in an MFA device authentication flow. The request body requires an application.id property value to associate an application with the MFA flow. The request also supports optional clientContext, lifeTime, and userApproval properties to provide relevant information to the mobile application. For example, the following message can be provided through the clientContext property:
component: pingone-api
page_id: pingone-api:mfa:mfa-authentication/mfa-authentication-code/create-authentication-code
canonical_url: https://developer.pingidentity.com/pingone-api/mfa/mfa-authentication/mfa-authentication-code/create-authentication-code.html
section_ids:
  headers: Headers
  body: Body
  example-request: Example Request
  example-response: Example Response
---

# Create Authentication Code

##

```none
POST {{authPath}}/{{envID}}/authenticationCodes
```

The `POST /{{envID}}/authenticationCodes` operation creates an authentication code for use in an MFA device authentication flow. The request body requires an `application.id` property value to associate an application with the MFA flow. The request also supports optional `clientContext`, `lifeTime`, and `userApproval` properties to provide relevant information to the mobile application. For example, the following message can be provided through the `clientContext` property:

```none
"clientContext": {
        "header" : "Authentication process",
        "body": "Do you want to approve this transaction?"
    }
```

The response returns the code and several other properties, including a `status` property to specify the status of the code. When the resouce is first created, the code's status is `UNCLAIMED`.

> **Collapse: Request Model**
>
> | Property            | Type    | Required? |
> | ------------------- | ------- | --------- |
> | `application.id`    | String  | Required  |
> | `clientContext`     | String  | Optional  |
> | `lifeTime.duration` | Integer | Optional  |
> | `lifeTime.timeUnit` | String  | Optional  |
> | `userApproval`      | String  | Optional  |
>
> Refer to the [Device authentications request](#mfa-authentication-code) data model for full property descriptions.

### Headers

Authorization      Bearer {{accessToken}}

Content-Type      application/json

### Body

raw ( application/json )

```json
{
    "application": {
        "id": "{{appID}}"
    },
    "clientContext": {
        "header": "Authentication process",
        "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
        "duration": 2,
        "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED"
}
```

##

### Example Request

* cURL

* C#

* Go

* HTTP

* Java

* jQuery

* NodeJS

* Python

* PHP

* Ruby

* Swift

```shell
curl --location --globoff '{{authPath}}/{{envID}}/authenticationCodes' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
    "application": {
        "id": "{{appID}}"
    },
    "clientContext": {
        "header": "Authentication process",
        "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
        "duration": 2,
        "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED"
}'
```

```csharp
var options = new RestClientOptions("{{authPath}}/{{envID}}/authenticationCodes")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@"    ""application"": {" + "\n" +
@"        ""id"": ""{{appID}}""" + "\n" +
@"    }," + "\n" +
@"    ""clientContext"": {" + "\n" +
@"        ""header"": ""Authentication process""," + "\n" +
@"        ""body"": ""Do you want to approve this transaction?""" + "\n" +
@"    }," + "\n" +
@"    ""lifeTime"": {" + "\n" +
@"        ""duration"": 2," + "\n" +
@"        ""timeUnit"": ""MINUTES""" + "\n" +
@"    }," + "\n" +
@"    ""userApproval"": ""NOT_REQUIRED""" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
```

```golang
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{authPath}}/{{envID}}/authenticationCodes"
  method := "POST"

  payload := strings.NewReader(`{
    "application": {
        "id": "{{appID}}"
    },
    "clientContext": {
        "header": "Authentication process",
        "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
        "duration": 2,
        "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED"
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
```

```http
POST /{{envID}}/authenticationCodes HTTP/1.1
Host: {{authPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}

{
    "application": {
        "id": "{{appID}}"
    },
    "clientContext": {
        "header": "Authentication process",
        "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
        "duration": 2,
        "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED"
}
```

```java
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n    \"application\": {\n        \"id\": \"{{appID}}\"\n    },\n    \"clientContext\": {\n        \"header\": \"Authentication process\",\n        \"body\": \"Do you want to approve this transaction?\"\n    },\n    \"lifeTime\": {\n        \"duration\": 2,\n        \"timeUnit\": \"MINUTES\"\n    },\n    \"userApproval\": \"NOT_REQUIRED\"\n}");
Request request = new Request.Builder()
  .url("{{authPath}}/{{envID}}/authenticationCodes")
  .method("POST", body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();
```

```javascript
var settings = {
  "url": "{{authPath}}/{{envID}}/authenticationCodes",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{accessToken}}"
  },
  "data": JSON.stringify({
    "application": {
      "id": "{{appID}}"
    },
    "clientContext": {
      "header": "Authentication process",
      "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
      "duration": 2,
      "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED"
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
```

```javascript
var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{authPath}}/{{envID}}/authenticationCodes',
  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
  },
  body: JSON.stringify({
    "application": {
      "id": "{{appID}}"
    },
    "clientContext": {
      "header": "Authentication process",
      "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
      "duration": 2,
      "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED"
  })

};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
```

```python
import requests
import json

url = "{{authPath}}/{{envID}}/authenticationCodes"

payload = json.dumps({
  "application": {
    "id": "{{appID}}"
  },
  "clientContext": {
    "header": "Authentication process",
    "body": "Do you want to approve this transaction?"
  },
  "lifeTime": {
    "duration": 2,
    "timeUnit": "MINUTES"
  },
  "userApproval": "NOT_REQUIRED"
})
headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
```

```php
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{authPath}}/{{envID}}/authenticationCodes');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n    "application": {\n        "id": "{{appID}}"\n    },\n    "clientContext": {\n        "header": "Authentication process",\n        "body": "Do you want to approve this transaction?"\n    },\n    "lifeTime": {\n        "duration": 2,\n        "timeUnit": "MINUTES"\n    },\n    "userApproval": "NOT_REQUIRED"\n}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
```

```ruby
require "uri"
require "json"
require "net/http"

url = URI("{{authPath}}/{{envID}}/authenticationCodes")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
  "application": {
    "id": "{{appID}}"
  },
  "clientContext": {
    "header": "Authentication process",
    "body": "Do you want to approve this transaction?"
  },
  "lifeTime": {
    "duration": 2,
    "timeUnit": "MINUTES"
  },
  "userApproval": "NOT_REQUIRED"
})

response = http.request(request)
puts response.read_body
```

```swift
let parameters = "{\n    \"application\": {\n        \"id\": \"{{appID}}\"\n    },\n    \"clientContext\": {\n        \"header\": \"Authentication process\",\n        \"body\": \"Do you want to approve this transaction?\"\n    },\n    \"lifeTime\": {\n        \"duration\": 2,\n        \"timeUnit\": \"MINUTES\"\n    },\n    \"userApproval\": \"NOT_REQUIRED\"\n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{authPath}}/{{envID}}/authenticationCodes")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()
```

### Example Response

201 Created

```json
{
    "_links": {
        "self": {
            "href": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/authenticationCodes/39743070-2f4c-4b26-a4ab-12287d0187dc"
        }
    },
    "id": "39743070-2f4c-4b26-a4ab-12287d0187dc",
    "environment": {
        "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
    },
    "code": "B4D04NQR",
    "uri": "pingonesdk?authentication_code=B4D04NQR",
    "application": {
        "id": "7d8797b7-a097-46a9-841f-88f531d1d99b"
    },
    "clientContext": {
        "header": "Authentication process",
        "body": "Do you want to approve this transaction?"
    },
    "lifeTime": {
        "duration": 2,
        "timeUnit": "MINUTES"
    },
    "userApproval": "NOT_REQUIRED",
    "status": "UNCLAIMED",
    "expiresAt": "2022-02-22T21:03:08.132Z",
    "updatedAt": "2022-02-22T21:01:08.118Z",
    "createdAt": "2022-02-22T21:01:08.118Z"
}
```