# Update security policy

Update the MFA policy for all accounts (tenants).

Endpoint: PATCH /resources/configurations/v1/mfa-policy
Security: bearer

## Header parameters:

  - `frontegg-tenant-id` (string)
    The account (tenant) ID identifier

## Request fields (application/json):

  - `enforceMFAType` (string)
    Determine whether MFA should be enforced.
    Enum: "DontForce", "Force", "ForceExceptSAML"

  - `allowRememberMyDevice` (boolean)
    Determine whether devices can be remembered and authentication can be skipped.

  - `mfaDeviceExpiration` (number)
    Expiration time of device in seconds

## Response 200 fields (application/json):

  - `id` (string, required)

  - `enforceMFAType` (string)

  - `allowRememberMyDevice` (boolean, required)

  - `mfaDeviceExpiration` (number, required)

  - `createdAt` (string, required)

  - `updatedAt` (string, required)


## Response 400 fields

## Response 404 fields