I am trying to retreive a list users that shows whether or not they have two factor enabled. So far I am only able to view all users using
api/users.json?filter=userGroups.id:in:[XXXXXXX]&fields=name,userCredentials[lastLogin,disabled,twoFA=:false],userRoles[id,name],userGroups[id,name]
How do I specify twoFA disabled?
My server is on version 2.37.
Hi @ShonM
Welcome back to the community! 
You are already on the right path by using the filter option filter= in the API request, so you could add another filter twoFactorEnabled:eq:false which will filter out the users who have two factor authentication. I see a mistake in the URL userCredentials[lastLogin,disabled,twoFA=:false] shouldn’t include twoFA=:false because we can’t filter in the fields. Here’s how to correct it:
api/users.json?filter=userGroups.id:in:[XXXXXXX]&**filter=twoFactorEnabled:eq:true**&fields=name,userCredentials[lastLogin,disabled,twoFA],userRoles[id,name],userGroups[id,name]
@Gassim thanks very much. What actually worked for me was
api/users.json?filter=userGroups.id:in:XXXXXXX]&filter=userCrendentials.twoFA:eq:true&fields=name,userCredentials[lastLogin,disabled,twoFA],userRoles[id,name],userGroups[id,name]