Added the Unlock users endpoint

aleksandrychev · aleksandrychev · commit 7e31bd767b11 · 2024-09-06T13:51:00.000+03:00
Signed-off-by: Ihor Aleksandrychiev &lt;ihor.aleksandrychiev@northern.tech&gt;
diff --git a/api/enterprise-api-ref/users-rbac.markdown b/api/enterprise-api-ref/users-rbac.markdown
@@ -367,3 +367,30 @@ API call allowed only for administrator.
 
 Remove role definition.
 API call allowed only for administrator.
+
+## Unlock user
+
+If a system enforces using two-factor authentication (2FA),
+users must configure it after their first login within 48 hours.
+This endpoint unlocks users who have been locked out due to this reason
+and grants an additional 48 hours to complete the 2FA setup.
+
+Note: to be able to perform this action related RBAC rule (alias `user.unlock`) should be enabled.
+
+**URI:** https://hub.cfengine.com/api/user/:username/unlock
+
+**Method:** POST
+
+**Example request (curl):**
+
+```console
+curl --user <username>:<password> \
+  -X POST \
+  https://hub.cfengine.com/api/user/tom/unlock
+```
+
+**Example response:**
+
+```
+HTTP 202 ACCEPTED
+```
