Important: This API returns an array of recoveryCodes if successful. DO NOT store these on behalf of the user and ensure that your application includes relevant messaging to the user to save these safely. If a user loses these codes and access to their authenticator device, the only way to reset a user 2FA will be through contacting support and verifying that the user is the same identity requesting a reset.