Docs › API Reference › Identity Service › POST /auth/me/authenticator/backup
POST /auth/me/authenticator/backup
Upload authenticator backup encrypted by frontend PBKDF2+AES-GCM; server stores only ciphertext and cannot decrypt. Each user can save up to 3 historical versions (LRU eviction).
Sessions & Devices `bearerAuth` application/json
Request Body
Schema: dto.AuthenticatorBackupUploadRequest
Field Type Required Example Constraints Description
encrypted_data
string
Yes
AES-GCM-encrypted-base64...
account_count
integer
No
5
backup_type
string
No
totp
checksum
string
No
sha256-hash
device_name
string
No
iPhone 15
Referenced Schemas
dto.AuthenticatorBackupDetailResponse
dto.AuthenticatorBackupResponse
Field Type Required Example Constraints Description
account_count
integer
No
5
backup_type
string
No
totp
checksum
string
No
sha256-hash
created_at
string
No
2026-05-12T12:00:00Z
device_name
string
No
iPhone 15
encrypted_data
string
No
AES-GCM-encrypted-base64...
id
string
No
backup-abc123
version
integer
No
1