Enable Form Login on user using API

Hi ​@immi563,

Sadly no, not at this time. Support would be your best option for a one-off go. 

here is a sample script. keep in mind that scripts should be thoroughly tested before using

# Authenticate to BeyondInsight API
$headers = @{
    "Authorization" = "PS-Auth key=your_api_key"
    "Content-Type" = "application/json"
}

# Get all users
$users = Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/Users" -Headers $headers

# Assign users to MFA-enabled group
foreach ($user in $users) {
    $body = @{ UserID = $user.UserID } | ConvertTo-Json
    Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/UserGroups/{groupId}/Users" -Method POST -Body $body -Headers $headers
}

# Authenticate to BeyondInsight API
$headers = @{
    "Authorization" = "PS-Auth key=your_api_key"
    "Content-Type" = "application/json"
}

# Get all users
$users = Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/Users" -Headers $headers

# Assign users to MFA-enabled group
foreach ($user in $users) {
    $body = @{ UserID = $user.UserID } | ConvertTo-Json
    Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/UserGroups/{groupId}/Users" -Method POST -Body $body -Headers $headers
}

Fantastic workaround! I was thinking of the API for the user specific! 

single user or group? if its a group you can adapt the script to read from txt file

Oh, I was looking for API-specific approach on the user action to change their enabled/disabled forms login. I wasn’t thinking of the groups approach.

# Authenticate to BeyondInsight API
$headers = @{
    "Authorization" = "PS-Auth key=your_api_key"
    "Content-Type" = "application/json"
}

# Get all users
$users = Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/Users" -Headers $headers

# Assign users to MFA-enabled group
foreach ($user in $users) {
    $body = @{ UserID = $user.UserID } | ConvertTo-Json
    Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/UserGroups/{groupId}/Users" -Method POST -Body $body -Headers $headers
}

Hi frank

thank you so much for help. Can you please let me know what’s the MFA enabled group? Is it Azure MFA enabled group that we are referring to or it is something else? 

This solution could be helpful for me however I need some clarity on what’s the MFA group that we are referring to ?

Regards,

Imran ALiyani

On our environment , MFA is managed by Azure group which is hosted on AD. Hence we wont be able to add user to those group using BT APIs. If I am missing something , please help me understand.