Cloud Administration Enable Emergency Tokencode API Version 2
This API generates an Emergency Access Code for a user. You can enable the oneTimeUse option to restrict the code to a single use. The code’s validity period must be set between 1 minute and 7 days.
For information about managing access to this API, see Accessing the Cloud Administration APIs.
Note: If the Online Emergency Access Code (EAC) configuration is locked at the company level in the Company Settings, any values sent in the request are overridden by the company-level settings. To configure EAC settings at the company-level, see Configure Session and Authentication Method Settings
Authentication
Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration REST APIs.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.
Request Requirements
Use the following information to generate an Emergency Access Code with the oneTimeUse option for a user. The <userId> is a unique user identifier that is returned in the response to the Cloud Administration User Details API.
| Method | Request URL | Response Content Type |
|---|---|---|
| PUT | AdminInterface/restapi/v2/users/{userId}/emergencyTokencode | application/json |
Request Body Parameters
This API requires the following parameters.
| Parameter | Description | Required | Default Value | Date Type |
|---|---|---|---|---|
| oneTimeUse | Indicates whether the Emergency Access Code is single-use (oneTimeUse) or reusable. | No | oneTimeUse value set at the tenant level | Boolean |
| expiryUnit | Time unit for code expiration: days, hours, or minutes. | Yes, if expiryValue is included in the request. Otherwise, No | expiryUnit value set at the tenant level | String |
| expiryValue | Expiration time value | Yes, if expiryUnit is included in the request. Otherwise, No | expiryValue value set at the tenant level | Integer |
Example Request Body
The following example displays a request.
{
"oneTimeUse": true,
"expiryUnit": "days",
"expiryValue": 5
}
Response Body Parameters
The following table describes the response parameters and data types.
| Parameter | Description | Data Type |
|---|---|---|
| emergencyTokencode | The value of the Emergency Access Code. | String |
| offlineExpirationDate | Expiration datetime for the offline Emergency Access Code. | String |
| configurationsUsed | Indicates the JSON Object containing the configurations used to generate the online Emergency Access Code including (Time Expiration unit, Time Expiration value and Type of Emergency Access Code (one-time use vs. reusable). | Object |
| emergencyTokencodeId | Unique identifier for the Emergency Access Code. | UUID |
| oneTimeUse | Indicates if the Emergency Access Code is single-use (true) or reusable (false). | Boolean |
| configurationsLocked | Indicates whether the configurations are locked on the tenant or not. True if configurations are locked and false otherwise. | Boolean |
| expirationDate | Expiration datetime for the online Emergency Access Code. | String |
Example Response Body
The following example displays a response body.
{
"emergencyTokencode": "qvmnsrtt",
"offlineExpirationDate": null,
"configurationsUsed": {
"expiryValue": 60,
"expiryUnit": "minutes",
"oneTimeUse": true
},
"emergencyTokencodeId": "7f71e069-4a67-7530-e8f2-7d5a230e74cc",
"oneTimeUse": true,
"configurationsLocked": false,
"expirationDate": "2025-09-12T10:17:35.599Z"
}
Response Codes
This API returns the following response codes.
| Code | Description |
|---|---|
| 200 | Emergency Access Code generated successfully. |
| 400 | User not found. |
| 400 | User is disabled. |
| 400 | The expiryValue property is required when expiryUnit property is specified. |
| 400 | The expiryUnit property is required when expiryValue property is specified. |
| 400 | Invalid value for oneTimeUse, expiryUnit, or expiryValue. |
| 403 | Not authorized to perform the request. |
| 429 | Too many requests; rate limit exceeded. |
| 500 | Internal server error occurred while processing the request. |
Related Articles
Cloud Administration Enable Emergency Tokencode API Version 1 Number of Views RSA MFA Agent 2.0.1 for Microsoft Windows Installation and Administration Guide Number of Views RSA MFA Agent 2.1 for Microsoft Windows Installation and Administration Guide Number of Views RSA Authentication Agent 1.1 for Epic Hyperdrive Installation and Administration Guide Number of Views RSA MFA Agent 2.0 for Epic Hyperdrive Installation and Administration Guide Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
