Generate an MFA challenge ID and send a token to your mobile device registered with Bill.com.
/MFAChallenge.json is step two of signing in with an MFA trusted API session.
The following protected endpoints require MFA for login with a trusted API session:
- Invite a vendor (not in the Bill.com network) with
- Invite a customer in the Bill.com network with
- Add a vendor bank account with
- Pay a vendor in the Bill.com network with
Note: See Multi-factor authentication (MFA)/2-step verification in the Bill.com Help for more information about all the security measures in place for your Bill.com account operations.
Sign in with an MFA trusted API session is a three-step process:
- Sign in to generate a
sessionId value with
- Generate an MFA challenge ID with
/MFAChallenge.json. When you call
/MFAChallenge.json, a token is sent to your mobile device registered with Bill.com.
- Authenticate the challenge ID and token with
/MFAAuthenticate.json. At this point, the
sessionId (from step one) is MFA trusted.