def deactivate_app_instance(self, id):
"""Deactivate app by target id
:param id: the target app id
:type id: str
:return: None
"""
ApiClient.post_path(self, '/{0}/lifecycle/deactivate'.format(id), None)
def deactivate_app_instance(self, id):
"""Deactivate app by target id
:param id: the target app id
:type id: str
:return: None
"""
ApiClient.post_path(self, '/{0}/lifecycle/deactivate'.format(id), None)
def create_user(self, user, activate=None):
"""Create a user
:param user: the data to create a user
:type user: User
:param activate: whether to activate the user
:type activate: bool
:rtype: User
"""
if activate is None:
response = ApiClient.post_path(self, '/', user)
else:
params = {'activate': activate}
response = ApiClient.post_path(self, '/', user, params=params)
return Utils.deserialize(response.text, self.user_class)
def forgot_password_answer(self,
state_token,
security_answer,
new_password,
relay_state=None):
"""Answer the forgot password during an authentication flow
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param security_answer: answer to a user's security question
:type security_answer: str
:param new_password: user's desired password
:type new_password: str
:param relay_state: data that will persist for the lifetime
of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
url_path = '/api/v1/authn/recovery/answer'
request = {
'stateToken': state_token,
'securityAnswer': security_answer,
'newPassword': new_password,
'relayState': relay_state
}
response = ApiClient.post_path(self, url_path, request)
return Utils.deserialize(response.text, AuthResult)
def unlock_account_answer(self,
state_token,
security_answer,
relay_state=None):
"""Unlock an account during an authentication
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param security_answer: answer to the user's security question
:type security_answer: str
:param relay_state: data that will persist for the lifetime of the
authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
url_path = '/api/v1/authn/recovery/answer'
request = {
'stateToken': state_token,
'securityAnswer': security_answer,
'relayState': relay_state
}
response = ApiClient.post_path(self, url_path, request)
return Utils.deserialize(response.text, AuthResult)
def enroll_factor(self,
state_token,
factor_type,
provider,
profile,
relay_state=None):
"""Enroll in an MFA factor during the auth flow. Usually only encountered if MFA is required for authentication
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param factor_type: type of factor (sms, token, question, token:software:totp, token:hardware etc)
:type factor_type: str
:param provider: factor provider (OKTA, RSA, SYMANTEC, GOOGLE etc)
:type provider: str
:param profile: factor profile that depends on the factor type
:type profile: FactorProfile
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'factorType': factor_type,
'provider': provider,
'profile': profile,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/factors', request)
return Utils.deserialize(response.text, AuthResult)
def authenticate(self,
username,
password,
relay_state=None,
response_type=None,
force_mfa=None,
context=None):
"""Begin the authentication process with a username and password
:param username: user's username
:type username: str
:param password: user's password
:type password: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:param response_type: the type of session to return (session_token or session_token_url usually)
:type response_type: str
:param force_mfa: whether to force mfa even if the auth is exempt
:type force_mfa: bool
:param context: contextual info about the auth request like ip and location
:type context: Context
:rtype: AuthResult
"""
request = {
'username': username,
'password': password,
'relayState': relay_state,
'context': context
}
params = {'force_mfa': force_mfa, 'response_type': response_type}
response = ApiClient.post_path(self, '/', request, params=params)
return Utils.deserialize(response.text, AuthResult)
def auth_with_factor(self,
state_token,
factor_id,
passcode,
relay_state=None,
remember_device=None):
"""Continue authentication with an MFA attempt
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param factor_id: target factor id
:type factor_id: str
:param passcode: passcode required for authenticating the factor
:type passcode: str
:param relay_state: data that will persist for the lifetime of the
authentication or recovery token
:type relay_state: str or None
:param remember_device: whether to remember this device to avoid
requiring MFA next time
:type remember_device: bool
:rtype: AuthResult
"""
url_path = '/api/v1/authn/factors/{0}/verify'.format(factor_id)
request = {
'stateToken': state_token,
'passCode': passcode,
'relayState': relay_state
}
params = {'rememberDevice': remember_device}
response = ApiClient.post_path(self, url_path, request, params=params)
return Utils.deserialize(response.text, AuthResult)
def change_password(self,
state_token,
old_password,
new_password,
relay_state=None):
"""Change a user's password during an authentication flow
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param old_password: user's current password
:type old_password: str
:param new_password: user's desired password
:type new_password: str
:param relay_state: data that will persist for the lifetime of the
authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
url_path = '/api/v1/authn/credentials/change_password'
request = {
'stateToken': state_token,
'oldPassword': old_password,
'newPassword': new_password,
'relayState': relay_state
}
response = ApiClient.post_path(self, url_path, request)
return Utils.deserialize(response.text, AuthResult)
def verify_factor(self, user_id, user_factor_id, activation_token=None, answer=None, passcode=None, next_passcode=None):
"""Verify an enrolled factor
:param user_id: target user id
:type user_id: str
:param user_factor_id: target factor id
:type user_factor_id: str
:param activation_token: token required for activation
:type activation_token: str
:param answer: answer usually required for a question factor
:type answer: str
:param passcode: code required for verification
:type passcode: str
:param next_passcode: code usually required for TOTP
:type next_passcode: str
:return:
"""
request = {
'activationToken': activation_token,
'answer': answer,
'passCode': passcode,
'nextPassCode': next_passcode
}
response = ApiClient.post_path(self, '/{0}/factors/{1}/verify'.format(user_id, user_factor_id), request)
return Utils.deserialize(response.text, FactorVerificationResponse)
def change_recovery_question(self, uid, password, question, answer):
"""Changes a user's recovery question & answer by validating the user's current password
:param uid: the target user id
:type uid: str
:param password: the user's current password
:type password: str
:param question: the new recovery question
:type question: str
:param answer: the answer to the new recovery question
:type answer: str
"""
data = {
'password': {
'value': password
},
'recovery_question': {
'question': question,
'answer': answer
}
}
response = ApiClient.post_path(
self, '/{0}/credentials/change_recovery_question'.format(uid),
data)
return Utils.deserialize(response.text, LoginCredentials)
def forgot_password(auth_client, username, factor_type):
"""Patched function to forgot password flow from okta.AuthClient
"""
request = {'username': username, 'factorType': factor_type}
response = ApiClient.post_path(auth_client, '/recovery/password', request)
return Utils.deserialize(response.text, AuthResult)
def activate_factor(self,
state_token,
factor_id,
passcode,
relay_state=None):
"""Activate an MFA factor during the auth flow
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param factor_id: target factor id
:type factor_id: str
:param passcode: passcode required to activate the factor
:type passcode: str
:param relay_state: data that will persist for the lifetime of the
authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
url_path = ('/api/v1/authn/factors\
/{0}/lifecycle/activate').format(factor_id)
request = {
'stateToken': state_token,
'passCode': passcode,
'relayState': relay_state
}
response = ApiClient.post_path(self, url_path, request)
return Utils.deserialize(response.text, AuthResult)
def authenticate(self, username, password,
relay_state=None, response_type=None, force_mfa=None, context=None):
"""Begin the authentication process with a username and password
:param username: user's username
:type username: str
:param password: user's password
:type password: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:param response_type: the type of session to return (session_token or session_token_url usually)
:type response_type: str
:param force_mfa: whether to force mfa even if the auth is exempt
:type force_mfa: bool
:param context: contextual info about the auth request like ip and location
:type context: Context
:rtype: AuthResult
"""
request = {
'username': username,
'password': password,
'relayState': relay_state,
'context': context
}
params = {
'force_mfa': force_mfa,
'response_type': response_type
}
response = ApiClient.post_path(self, '/', request, params=params)
return Utils.deserialize(response.text, AuthResult)
def auth_with_factor(self, state_token, factor_id, passcode,
relay_state=None, remember_device=None):
"""Continue authentication with an MFA attempt
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param factor_id: target factor id
:type factor_id: str
:param passcode: passcode required for authenticating the factor
:type passcode: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:param remember_device: whether to remember this device to avoid requiring MFA next time
:type remember_device: bool
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'passCode': passcode,
'relayState': relay_state
}
params = {
'rememberDevice': remember_device
}
response = ApiClient.post_path(self, '/factors/{0}/verify'.format(factor_id),
request, params=params)
return Utils.deserialize(response.text, AuthResult)
def enroll_factor(self, state_token, factor_type, provider, profile, relay_state=None):
"""Enroll in an MFA factor during the auth flow. Usually only encountered if MFA is required for authentication
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param factor_type: type of factor (sms, token, question, token:software:totp, token:hardware etc)
:type factor_type: str
:param provider: factor provider (OKTA, RSA, SYMANTEC, GOOGLE etc)
:type provider: str
:param profile: factor profile that depends on the factor type
:type profile: FactorProfile
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'factorType': factor_type,
'provider': provider,
'profile': profile,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/factors', request)
return Utils.deserialize(response.text, AuthResult)
def expire_password(self, uid, temp_password=False):
"""Expire user's password by target user id
:param uid: the target user id
:type uid: str
:param temp_password: whether a temporary password should be set
:type temp_password: bool
:return: None or TempPassword
"""
if not temp_password:
response = ApiClient.post_path(self, '/{0}/lifecycle/expire_password'.format(uid))
else:
params = {
'tempPassword': temp_password
}
response = ApiClient.post_path(self, '/{0}/lifecycle/expire_password'.format(uid), params=params)
return Utils.deserialize(response.text, TempPassword)
def create_user(self, user, activate=None):
"""Create a user
:param user: the data to create a user
:type user: User
:param activate: whether to activate the user
:type activate: bool
:rtype: User
"""
if activate is None:
response = ApiClient.post_path(self, '/', user)
else:
params = {
'activate': activate
}
response = ApiClient.post_path(self, '/', user, params=params)
return Utils.deserialize(response.text, User)
def create_app_instance(self, app_instance):
"""Create a app instance
:param app_instance: the data to create a user
:type app_instance: AppInstance
:rtype: AppInstance
"""
response = ApiClient.post_path(self, '/', app_instance)
return Utils.deserialize(response.text, AppInstance)
def deactivate_group_rule(self, rid):
"""Deactivates a specific group rule by id from your organization
:param rid: Id of the rule to be deactivated
:type rid: str
:return: None
"""
return ApiClient.post_path(
self, '/rules/{0}/lifecycle/deactivate'.format(rid))
def unlock_user(self, uid):
"""Unlock user by target id
:param uid: the target user id
:type uid: str
:return: User
"""
response = ApiClient.post_path(self, '/{0}/lifecycle/unlock'.format(uid))
return Utils.deserialize(response.text, User)
def create_app_instance(self, app_instance):
"""Create a app instance
:param app_instance: the data to create a user
:type app_instance: AppInstance
:rtype: AppInstance
"""
response = ApiClient.post_path(self, '/', app_instance)
return Utils.deserialize(response.text, AppInstance)
def deactivate_user(self, uid):
"""Deactivate user by target id
:param uid: the target user id
:type uid: str
:return: User
"""
response = ApiClient.post_path(self, '/{0}/lifecycle/deactivate'.format(uid))
return Utils.deserialize(response.text, User)
def reset_factors(self, uid):
"""Reset all user factors by target id
:param uid: the target user id
:type uid: str
:return: None
"""
response = ApiClient.post_path(self, '/{0}/lifecycle/reset_factors'.format(uid))
return Utils.deserialize(response.text, User)
def create_identity_provider(self, identity_provider):
"""Create an identity provider
:param identity_provider: the data to create the idp
:type app_instance: IdentityProvider
:rtype: IdentityProvider
"""
response = ApiClient.post_path(self, '/', identity_provider)
return Utils.deserialize(response.text, IdentityProvider)
def create_group(self, group):
"""Create a group
:param group: the data to create a group
:type group: UserGroup
:rtype: UserGroup
"""
response = ApiClient.post_path(self, '/', group)
return Utils.deserialize(response.text, UserGroup)
def create_group(self, group):
"""Create a group
:param group: the data to create a group
:type group: UserGroup
:rtype: UserGroup
"""
response = ApiClient.post_path(self, '/', group)
return Utils.deserialize(response.text, UserGroup)
def deactivate_org_factor(self, org_factor_id):
"""Deactivate OrgAuthFactor
:param org_factor_id: target factor id
:type org_factor_id: str
:rtype: OrgAuthFactor
"""
response = ApiClient.post_path(self, '/factors/{0}/lifecycle/deactivate'.format(org_factor_id))
return Utils.deserialize(response.text, OrgAuthFactor)
def deactivate_user(self, uid):
"""Deactivate user by target id
:param uid: the target user id
:type uid: str
:return: User
"""
response = ApiClient.post_path(self,
'/{0}/lifecycle/deactivate'.format(uid))
return Utils.deserialize(response.text, User)
def unlock_user(self, uid):
"""Unlock user by target id
:param uid: the target user id
:type uid: str
:return: User
"""
response = ApiClient.post_path(self,
'/{0}/lifecycle/unlock'.format(uid))
return Utils.deserialize(response.text, User)
def expire_password(self, uid, temp_password=False):
"""Expire user's password by target user id
:param uid: the target user id
:type uid: str
:param temp_password: whether a temporary password should be set
:type temp_password: bool
:return: None or TempPassword
"""
if not temp_password:
response = ApiClient.post_path(
self, '/{0}/lifecycle/expire_password'.format(uid))
else:
params = {'tempPassword': temp_password}
response = ApiClient.post_path(
self,
'/{0}/lifecycle/expire_password'.format(uid),
params=params)
return Utils.deserialize(response.text, TempPassword)
def unsuspend_user(self, uid):
"""Unsuspend user by target id
:param uid: the target user id
:type uid: str
:return: User
"""
response = ApiClient.post_path(self,
'/{0}/lifecycle/unsuspend'.format(uid))
return Utils.deserialize(response.text, self.user_class)
def assign_roles_to_user(self, uid, role_type):
"""Assigns a role to a user.
:param uid: User id: str
:param role_type: Role type: str
:return: Role
"""
data = {'type': role_type}
response = ApiClient.post_path(self, '/{0}/roles'.format(uid), data)
return Utils.deserialize(response.text, Role)
def reset_factors(self, uid):
"""Reset all user factors by target id
:param uid: the target user id
:type uid: str
:return: None
"""
response = ApiClient.post_path(
self, '/{0}/lifecycle/reset_factors'.format(uid))
return Utils.deserialize(response.text, User)
def update_factor_device(self, user_id, factor_device_request):
"""Update a factor device for a user
:param user_id: target user id
:type user_id: str
:param factor_device_request: data to update the factor device
:type factor_device_request: FactorDeviceRequest
:rtype: FactorDevice
"""
response = ApiClient.post_path(self, '/{0}/factors/{1}'.format(user_id), factor_device_request)
return Utils.deserialize(response.text, FactorDevice)
def activate_org_factor(self, org_factor_id, org_auth_factor=None):
"""Activate OrgAuthFactor
:param org_factor_id: target factor id
:type org_factor_id: str
:param org_auth_factor: additional factor data
:param org_auth_factor: OrgAuthFactor
:rtype: OrgAuthFactor
"""
response = ApiClient.post_path(self, '/factors/{0}/lifecycle/activate'.format(org_factor_id), org_auth_factor)
return Utils.deserialize(response.text, OrgAuthFactor)
def update_user_by_id_partially(self, uid, user):
"""Partially update a user, defined by an id
:param uid: the target user id
:type uid: str
:param user: the data to update the target user
:type user: User
:rtype: User
"""
response = ApiClient.post_path(self, '/{0}'.format(uid), user)
return Utils.deserialize(response.text, self.user_model)
def enroll_factor_device(self, user_id, factor_enroll_request):
"""Enroll a factor device for a user
:param user_id: target user id
:type user_id: str
:param factor_enroll_request: data to enroll the factor device
:type factor_enroll_request: FactorEnrollRequest
:rtype: FactorDevice
"""
response = ApiClient.post_path(self, '/{0}/devices'.format(user_id), factor_enroll_request)
return Utils.deserialize(response.text, FactorDevice)
def resend_code(self, user_id, user_factor_id):
"""Resend code for a factor
:param user_id: target user id
:type user_id: str
:param user_factor_id: target factor id
:type user_factor_id: str
:return:
"""
response = ApiClient.post_path(self, '/{0}/factors/{1}/resend'.format(user_id, user_factor_id))
return Utils.deserialize(response.text, Factor)
def activate_user(self, uid, send_email=True):
"""Activate user by target id
:param uid: the target user id
:type uid: str
:return: User
"""
params = {'sendEmail': send_email}
response = ApiClient.post_path(self,
'/{0}/lifecycle/activate'.format(uid),
params=params)
return Utils.deserialize(response.text, ActivationResponse)
def create_user(self, user, activate=None, next_login=None):
"""Create a user
:param user: the data to create a user
:type user: User
:param activate: whether to activate the user
:type activate: bool
:param next_login: set to 'changePassword' to force a password change
:type next_login: str
:rtype: User
"""
if activate is None:
response = ApiClient.post_path(self, '/', user)
else:
params = {}
if activate is not None:
params['activate'] = activate
if next_login is not None:
params['nextLogin'] = next_login
response = ApiClient.post_path(self, '/', user, params=params)
return Utils.deserialize(response.text, User)
def create_session_by_session_token(self, session_token, additional_fields=None):
"""Create a session using a session token
:param session_token: a token that can be exchanged for a session
:type session_token: str
:param additional_fields: additional fields that will be included in the response
:type additional_fields: str
:rtype: Session
"""
data = {'sessionToken': session_token}
params = {'additionalFields': additional_fields}
response = ApiClient.post_path(self, '/', data, params=params)
return Utils.deserialize(response.text, Session)
def reset_password(self, uid, send_email=True):
"""Reset user's password by target user id
:param uid: the target user id
:type uid: str
:param send_email: whether a password reset email should be sent
:type send_email: bool
:return: None or ResetPasswordToken
"""
params = {
'sendEmail': send_email
}
response = ApiClient.post_path(self, '/{0}/lifecycle/reset_password'.format(uid), params=params)
return Utils.deserialize(response.text, ResetPasswordToken)
def enroll_factor(self, user_id, factor_enroll_request, update_phone=None):
"""Enroll a user into a factor
:param user_id: target user id
:type user_id: str
:param factor_enroll_request: the details to enroll the user
:type factor_enroll_request: FactorEnrollRequest
:param update_phone: whether to update the user's phone during enrollment
:type update_phone: bool
:rtype: Factor
"""
params = {
'updatePhone': update_phone
}
response = ApiClient.post_path(self, '/{0}/factors'.format(user_id), factor_enroll_request, params=params)
return Utils.deserialize(response.text, Factor)
def validate_recovery_token(self, recovery_token, relay_state=None):
"""Validate a token for recovery
:param recovery_token: token distributed to end-user via out-of-band mechanism such as email
:type recovery_token: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'recoveryToken': recovery_token,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/recovery/token', request)
return Utils.deserialize(response.text, AuthResult)
def forgot_password(self, username, relay_state=None):
"""Initiate a forgot password flow for a user
:param username: user's username
:type username: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'username': username,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/recovery/password', request)
return Utils.deserialize(response.text, AuthResult)
def unlock_account(self, username, relay_state=None):
"""Begin unlocking an account
:param username: user's username
:type username: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'username': username,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/recovery/unlock', request)
return Utils.deserialize(response.text, AuthResult)
def get_status(self, state_token, relay_state=None):
"""Get the status of an in-progress authentication
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/', request)
return Utils.deserialize(response.text, AuthResult)
def create_session(self, username, password, additional_fields=None):
"""Create a session
:param username: the user's username
:type username: str
:param password: the user's password
:type password: str
:param additional_fields: additional fields that will be included in the response
:type additional_fields: str
:rtype: Session
"""
creds = Credentials()
creds.username = username
creds.password = password
params = {'additionalFields': additional_fields}
response = ApiClient.post_path(self, '/', creds, params=params)
return Utils.deserialize(response.text, Session)
def verify_transaction(self, factor_id, transaction_id, user_response):
"""Verify a transaction
:param factor_id: target factor id
:type factor_id: str
:param transaction_id: target transaction id
:type transaction_id: str
:param user_response: APPROVE or REJECT
:type user_response: str
:rtype: AuthResult
"""
request = {
'result': user_response
}
response = ApiClient.post_path(self, '/factors/{0}/transactions/{1}/verify'.format(factor_id, transaction_id), request)
return Utils.deserialize(response.text, AuthResult)
def resend_code(self, state_token, factor_id, relay_state=None):
"""Resend an a passcode for an authentication factor
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param factor_id: target factor id
:type factor_id: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/factors/{0}/lifecycle/resend'.format(factor_id), request)
return Utils.deserialize(response.text, AuthResult)
def unlock_account_answer(self, state_token, security_answer, relay_state=None):
"""Unlock an account during an authentication
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param security_answer: answer to the user's security question
:type security_answer: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'securityAnswer': security_answer,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/recovery/answer', request)
return Utils.deserialize(response.text, AuthResult)
def reset_password(self, state_token, new_password, relay_state=None):
"""Reset a user's password during an authentication flow
:param state_token: current state token from the previous AuthResult
:type state_token: str
:param new_password: user's desired password
:type new_password: str
:param relay_state: data that will persist for the lifetime of the authentication or recovery token
:type relay_state: str or None
:rtype: AuthResult
"""
request = {
'stateToken': state_token,
'newPassword': new_password,
'relayState': relay_state
}
response = ApiClient.post_path(self, '/credentials/reset_password', request)
return Utils.deserialize(response.text, AuthResult)
def activate_factor_device(self, user_id, user_factor_id, device_id, passcode):
"""Activate a factor device for a user
:param user_id: target user id
:type user_id: str
:param user_factor_id: target factor id
:type user_factor_id: str
:param device_id: target factor device id
:type device_id: str
:param passcode: code required to activate the factor device
:type passcode: str
:rtype: FactorDevice
"""
request = {
'passCode': passcode
}
response = ApiClient.post_path(self, '/{0}/factors/{1}/devices/{2}/lifecycle/activate'.format(
user_id, user_factor_id, device_id), request)
return Utils.deserialize(response.text, Factor)
