MFA setup resetο
When a user loses access to their authenticator app (e.g. lost or replaced phone), their MFA setup must be reset by a server administrator before the user can reconfigure it (see Multi-factor authentication).
To reset a userβs MFA setup, the server administrator needs to provide:
The Parsec server address, as a Parsec URL
parsec3://hostname:portThe
administration_tokenconfigured on the Parsec serverThe organization ID
The user to reset, identified by their email address or their Parsec user ID
Typically to reset by email address:
parsec-cli user totp-reset --addr parsec3://example.com --token s3cr3t --organization MyOrganization --user-email alice@example.com --send-email
Example of output:
TOTP reset for user 940a380aedd44127863d952a66cfce1e
Reset URL: parsec3://example.com/MyOrganization?a=totp_reset&p=...
An email with the reset URL has been sent to alice@example.com