Creates the given MFA policy. If the upsert query param is set to true then instead of performing a create the API will switch to performing an upsert. For an upsert request the following fields are required:
Required Upsert Fields:
ownerTypeownerId
When performing an upsert, the above fields will be used to determine if the MFA policy resource already exists or not. If the MFA policy already exists then a partial update will be performed on the existing MFA policy; otherwise a new MFA policy entity will be created.
In the response of an upsert request, if a create was performed then a 201 response code will be returned; otherwise, if an update was performed then a 200 will be returned.
Required Permissions
Below is the list of required permissions needed to interact with this API. For each permission the allowed permission boundaries are also specified.
| Permission | Boundary | Description |
|---|---|---|
| mfa-policy:write | Application | The subject can create MFA policies under the application that the subject belongs to. |
| Tenant | The subject can create MFA policies associated to the tenant that the subject belongs to. | |
| Tenant Inclusion List | The subject can create MFA policies for tenants specified in the tenant inclusion list. | |
| Tenant Exclusion List | The subject can create MFA policies for tenants that belong to the subject's application but are not included in the tenant exclusion list. |