In the context of API operations, the "something that you have", criteria of MFA would be how users are requested to possess a valid API key or token asides from their username and passcode.
Some cloud services providers like Amazon Web Services(AWS) offer MFA options that are integrated with their API services.
Hi! My current pet project: Read-only 100% offline secure multi-user container in a single HTML file that requires no external software to extract secrets:
https://github.com/griffin-container/griffin
In the context of API operations, the "something that you have", criteria of MFA would be how users are requested to possess a valid API key or token asides from their username and passcode.
Some cloud services providers like Amazon Web Services(AWS) offer MFA options that are integrated with their API services.
I hope this helps?
Thanks for the reply! I meant using devices like hardware tokens or phones for MFA, in the context of performing API operations from scripts.