--- title: Create MFA Pairing Key description: The POST {{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys operation adds a pairing key to the specified user resource. component: pingone-api page_id: pingone-api:mfa:users/mfa-pairing-keys/create-mfa-pairing-key canonical_url: https://developer.pingidentity.com/pingone-api/mfa/users/mfa-pairing-keys/create-mfa-pairing-key.html section_ids: prerequisites: Prerequisites headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Create MFA Pairing Key ## ```none POST {{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys ``` The `POST {{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys` operation adds a pairing key to the specified user resource. Use the `applications` to provide a list of native application IDs that can be used with this pairing key. Leave `applications` as an empty collection to allow all available native applications in the environment to be used. | | | | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | If you create a pairing key that is shared by multiple applications, but have defined different pairing key lifetimes for the different applications, all the applications using the pairing key will use the most strict setting that you specified for key lifetime (shortest time). | Only native applications that have `bundleId` or `packageName`, and are associated with `pushCredentials` are considered available in this context. Such applications should represent native applications that exist in the Apple or Google applications store. ### Prerequisites * Refer to [MFA Pairing Keys](#mfa-pairing-keys) for important overview information. > **Collapse: Request Model** > > Refer to the [Pairing key](#mfa-pairing-keys) data model for full property descriptions. > > | Property | Type | Required? | > | -------------- | --------- | --------- | > | `applications` | String\[] | Optional | > | `policy.id` | String | Optional | ### Headers Authorization      Bearer {{accessToken}} Content-Type      application/json ### Body raw ( application/json ) ```json { "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } } ``` ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer {{accessToken}}' \ --data '{ "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } }' ``` ```csharp var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/json"); request.AddHeader("Authorization", "Bearer {{accessToken}}"); var body = @"{" + "\n" + @" ""applications"": [" + "\n" + @" {" + "\n" + @" ""id"": ""{{appID}}""" + "\n" + @" }" + "\n" + @" ]," + "\n" + @" ""policy"": {" + "\n" + @" ""id"": ""{{deviceAuthenticationPolicyID}}""" + "\n" + @" }" + "\n" + @"}"; request.AddStringBody(body, DataFormat.Json); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys" method := "POST" payload := strings.NewReader(`{ "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } }`) client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/json") req.Header.Add("Authorization", "Bearer {{accessToken}}") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /v1/environments/{{envID}}/users/{{userID}}/pairingKeys HTTP/1.1 Host: {{apiPath}} Content-Type: application/json Authorization: Bearer {{accessToken}} { "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } } ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/json"); RequestBody body = RequestBody.create(mediaType, "{\n \"applications\": [\n {\n \"id\": \"{{appID}}\"\n }\n ],\n \"policy\": {\n \"id\": \"{{deviceAuthenticationPolicyID}}\"\n }\n}"); Request request = new Request.Builder() .url("{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys") .method("POST", body) .addHeader("Content-Type", "application/json") .addHeader("Authorization", "Bearer {{accessToken}}") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/json", "Authorization": "Bearer {{accessToken}}" }, "data": JSON.stringify({ "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } }), }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys', 'headers': { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' }, body: JSON.stringify({ "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } }) }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests import json url = "{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys" payload = json.dumps({ "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } }) headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/json', 'Authorization' => 'Bearer {{accessToken}}' )); $request->setBody('{\n "applications": [\n {\n "id": "{{appID}}"\n }\n ],\n "policy": {\n "id": "{{deviceAuthenticationPolicyID}}"\n }\n}'); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "json" require "net/http" url = URI("{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/json" request["Authorization"] = "Bearer {{accessToken}}" request.body = JSON.dump({ "applications": [ { "id": "{{appID}}" } ], "policy": { "id": "{{deviceAuthenticationPolicyID}}" } }) response = http.request(request) puts response.read_body ``` ```swift let parameters = "{\n \"applications\": [\n {\n \"id\": \"{{appID}}\"\n }\n ],\n \"policy\": {\n \"id\": \"{{deviceAuthenticationPolicyID}}\"\n }\n}" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/users/{{userID}}/pairingKeys")!,timeoutInterval: Double.infinity) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 201 Created ```json { "_links": { "self": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/788d4931-6936-43f2-82ff-178f5762298a/pairingKeys/8b22c502-a607-4b3c-8dad-d9ef2397f19a" }, "environment": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "user": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/788d4931-6936-43f2-82ff-178f5762298a" } }, "id": "8b22c502-a607-4b3c-8dad-d9ef2397f19a", "environment": { "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "code": "01882778807215", "status": "UNCLAIMED", "applications": [ { "id": "7d8797b7-a097-46a9-841f-88f531d1d99b" } ], "user": { "id": "788d4931-6936-43f2-82ff-178f5762298a" }, "createdAt": "2022-02-02T16:33:55.722Z", "updatedAt": "2022-02-02T16:33:55.722Z", "expiresAt": "2022-02-04T16:33:55.722Z" } ```