Merge pull request github#85 from github/2fa-filter

jasonrudolph · jasonrudolph · commit ab7828007141 · 2014-01-29T11:44:34.000-08:00
Document filter for auditing 2FA
diff --git a/content/changes/2014-01-29-audit-org-members-for-2fa.md b/content/changes/2014-01-29-audit-org-members-for-2fa.md
@@ -0,0 +1,23 @@
+---
+kind: change
+title: Audit organization members for two-factor authentication
+created_at: 2014-01-29
+author_name: pengwynn
+---
+
+We've added a [new filter][filter] for listing members of an organization without
+[two-factor authentication][2fa-blog] enabled:
+
+
+<pre class="terminal">
+$ curl -H "Authorization: token [yours]" \
+       https://api.github.com/orgs/octokit/members\?filter\=2fa_disabled
+</pre>
+
+The new filter is available for owners of organizations with private
+repositories. Happy auditing and [send us your feedback or questions][contact].
+
+[filter]: /v3/orgs/members/#audit-two-factor-auth
+[2fa-blog]: https://github.com/blog/1614-two-factor-authentication
+[contact]: https://github.com/contact?form[subject]=API+2FA+filter
+
diff --git a/content/v3/orgs/members.md b/content/v3/orgs/members.md
@@ -17,6 +17,14 @@ will be redirected to the [public members list](#public-members-list).
 
     GET /orgs/:org/members
 
+### Parameters {#audit-two-factor-auth}
+
+Name    | Type    | Description
+--------|---------|--------------
+`filter`|`string` | Filter members returned in the list. Can be one of:<br/>* `2fa_disabled`: Members without [two factor authentication][2fa-blog] enabled. Available for owners of organizations with private repositories.<br/>* `all`: All members the authenticated user can see.<br/><br/>Default: `all`
+
+[2fa-blog]: https://github.com/blog/1614-two-factor-authentication
+
 ### Response
 
 <%= headers 200 %>
