Initiates the enrollment into two factor authentication. Generates a shared secret that can be used by an authenticator application to generate TOTPs.
This endpoint can be invoked even if the user has 2FA already enabled, a new secret will be generated and kept inactive until the user completes the activation process.
The response includes the base32 encoded secret that can be directly used in the authenticator application. The client can generate a QR code for convenience so that the user can scan the secret instead. The URL to embed in the QR code can follow this format: https://github.com/google/google-authenticator/wiki/Key-Uri-Format.
For example: otpauth://totp/Synapse:email@example.com?secret=secret&issuer=Synapse%20Prod&algorithm=SHA1&digits=6&period=30.