GetMFADevice - AWS Identity and Access Management

GetMFADevice

Retrieves information about an MFA device for a specified user.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

SerialNumber

Serial number that uniquely identifies the MFA device. For this API, we only accept FIDO security key ARNs.

Type: String

Length Constraints: Minimum length of 9. Maximum length of 256.

Pattern: [\w+=/:,.@-]+

Required: Yes

UserName

The friendly name identifying the user.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [\w+=,.@-]+

Required: No

Response Elements

The following elements are returned by the service.

Certifications
Certifications.entry.N.key (key)
Certifications.entry.N.value (value)

The certifications of a specified user's MFA device. We currently provide FIPS-140-2, FIPS-140-3, and FIDO certification levels obtained from FIDO Alliance Metadata Service (MDS).

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Key Pattern: [\u0020-\u00FF]+

Value Length Constraints: Minimum length of 1. Maximum length of 32.

Value Pattern: [\u0020-\u00FF]+

EnableDate

The date that a specified user's MFA device was first enabled.

Type: Timestamp

SerialNumber

Serial number that uniquely identifies the MFA device. For this API, we only accept FIDO security key ARNs.

Type: String

Length Constraints: Minimum length of 9. Maximum length of 256.

Pattern: [\w+=/:,.@-]+

UserName

The friendly name identifying the user.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [\w+=,.@-]+

Errors

For information about the errors that are common to all actions, see Common Errors.

NoSuchEntity

The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

HTTP Status Code: 404

ServiceFailure

The request processing has failed because of an unknown error, exception or failure.

HTTP Status Code: 500

Examples

Example

This example illustrates one usage of GetMFADevice.

Sample Request

https://iam.amazonaws.com/?Action=GetMFADevice &SerialNumber=arn:aws:iam::123456789012:u2f/root/testFidoKey-R1234 &UserName=Bob &Version=2010-05-08 &AUTHPARAMS

Sample Response

<GetMFADeviceResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/"> <GetMFADeviceResult> <EnableDate>2023-04-27T20:58:13Z</EnableDate> <SerialNumber>arn:aws:iam::123456789012:u2f/root/testFidoKey-R1234</SerialNumber> <Certifications> <entry> <key>FIDO-FIPS-140-2</key> <value>L2</value> </entry> <entry> <key>FIDO</key> <value>L1</value> </entry> </Certifications> <UserName>Bob</UserName> </GetMFADeviceResult> <ResponseMetadata> <RequestId>df37e965-9967-11e1-a4c3-270EXAMPLE04</RequestId> </ResponseMetadata> </GetMFADeviceResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: