> ## Documentation Index
> Fetch the complete documentation index at: https://support.fortanix.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Use a backup recovery code to complete authentication.

> Complete two factor authentication with a backup recovery code.
Each recovery code may only be used once, so users should update
their two factor configuration after using this API.

## OpenAPI

````json POST /sys/v1/session/auth/2fa/recovery_code
{
  "openapi": "3.0.0",
  "info": {
    "title": "Fortanix DSM REST API",
    "description": "This is a set of REST APIs for accessing the Fortanix Data Security Manager. This includes APIs for managing accounts, and for performing cryptographic and key management operations. \n\n **Note:** \n- All binary input should be base64-encoded. These fields are marked with `format: byte`. \n- For forward compatibility, any API client is expected to ignore any fields in the response not explicitly mentioned in the documentation. We reserve the right to add new fields at any time to provide new functionality without affecting existing API clients.",
    "termsOfService": "https://www.fortanix.com/legal/terms/",
    "contact": {
      "name": "Fortanix Support",
      "url": "https://support.fortanix.com/",
      "email": "support@fortanix.com"
    },
    "license": {
      "name": "Apache 2.0",
      "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
    },
    "version": "0.1.0-20260526"
  },
  "servers": [
    {
      "url": "https://amer.smartkey.io"
    }
  ],
  "paths": {
    "/sys/v1/session/auth/2fa/recovery_code": {
      "post": {
        "operationId": "RecoveryCodeAuth",
        "tags": [
          "Session"
        ],
        "security": [
          {
            "bearerToken": []
          },
          {
            "apiKeyAuth": []
          }
        ],
        "summary": "Use a backup recovery code to complete authentication.",
        "description": "Complete two factor authentication with a backup recovery code.\nEach recovery code may only be used once, so users should update\ntheir two factor configuration after using this API.",
        "requestBody": {
          "required": true,
          "content": {
            "application/json": {
              "schema": {
                "$ref": "#/components/schemas/RecoveryCodeAuthRequest"
              }
            }
          }
        },
        "responses": {
          "204": {
            "description": "Nothing is returned on success"
          }
        }
      }
    }
  },
  "components": {
    "schemas": {
      "RecoveryCodeAuthRequest": {
        "allOf": [
          {
            "type": "object",
            "description": "Request to authenticate using U2F recovery code.",
            "properties": {
              "recovery_code": {
                "type": "string"
              }
            },
            "required": [
              "recovery_code"
            ]
          }
        ]
      }
    }
  }
}
````