Enabling company-wide 2FA logs out users who don't already have 2FA enabled

January 9, 2020
apisecurity

Enabling 2FA company-wide now correctly invalidates existing session tokens for users who don't already have 2FA enabled.

You can enable 2FA company-wide via the Update Customer endpoint.

Prior change: Pagination metadata is added to the response from the List All Events endpoint

Following change: Enabling user 2FA invalidates any other open sessions