From e4a460f592dbfd98b9cfa503b8d822b9e411ff92 Mon Sep 17 00:00:00 2001
From: daeyeon ko <rowan@megazone.com>
Date: Fri, 18 Jul 2025 17:10:26 +0900
Subject: [PATCH 1/2] feat: Add schema according to MFA enforce option

---
 proto/spaceone/api/identity/v2/user.proto | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/proto/spaceone/api/identity/v2/user.proto b/proto/spaceone/api/identity/v2/user.proto
index e5b8b66b7..27eaf7541 100644
--- a/proto/spaceone/api/identity/v2/user.proto
+++ b/proto/spaceone/api/identity/v2/user.proto
@@ -114,6 +114,7 @@ enum AuthType {
 
 enum UserRequiredAction {
   UPDATE_PASSWORD = 0;
+  ENFORCE_MFA = 1;
 }
 
 
@@ -160,6 +161,10 @@ message CreateUserRequest {
   google.protobuf.Struct tags = 8;
   // If reset_password is true, send email
   bool reset_password = 9;
+  // +optional
+  MFA mfa = 10;
+  // +optional
+  repeated UserRequiredAction required_actions = 11;
 }
 
 //{
@@ -188,6 +193,10 @@ message UpdateUserRequest {
   google.protobuf.Struct tags = 7;
   // +optional
   bool reset_password = 8;
+  // +optional
+  MFA mfa = 9;
+  // +optional
+  repeated UserRequiredAction required_actions = 10;
 }
 
 //{

From 1a46a056b04455219598fd8e73f9b06213598d4e Mon Sep 17 00:00:00 2001
From: daeyeon ko <rowan@megazone.com>
Date: Tue, 22 Jul 2025 14:44:45 +0900
Subject: [PATCH 2/2] fix: Change user MFA requset payload method from
 unstructured format to flag

Signed-off-by: daeyeonko <kkdy21@naver.com>
---
 proto/spaceone/api/identity/v2/user.proto | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/proto/spaceone/api/identity/v2/user.proto b/proto/spaceone/api/identity/v2/user.proto
index 27eaf7541..82e9f10f6 100644
--- a/proto/spaceone/api/identity/v2/user.proto
+++ b/proto/spaceone/api/identity/v2/user.proto
@@ -117,6 +117,11 @@ enum UserRequiredAction {
   ENFORCE_MFA = 1;
 }
 
+enum MFAType {
+  MFA_TYPE_NONE = 0;
+  OTP = 1;
+  EMAIL = 2;
+}
 
 message MFA {
   enum State {
@@ -126,7 +131,7 @@ message MFA {
   }
 
   State state = 1;
-  string mfa_type = 2;
+  MFAType mfa_type = 2;
   google.protobuf.Struct options = 3;
 
 }
@@ -162,9 +167,9 @@ message CreateUserRequest {
   // If reset_password is true, send email
   bool reset_password = 9;
   // +optional
-  MFA mfa = 10;
+  optional bool enforce_mfa = 10;
   // +optional
-  repeated UserRequiredAction required_actions = 11;
+  MFAType enforce_mfa_type = 11;
 }
 
 //{
@@ -194,9 +199,9 @@ message UpdateUserRequest {
   // +optional
   bool reset_password = 8;
   // +optional
-  MFA mfa = 9;
+  optional bool enforce_mfa = 9;
   // +optional
-  repeated UserRequiredAction required_actions = 10;
+  MFAType enforce_mfa_type = 10;
 }
 
 //{