Configuring MFA-Protected API Access