KSC Open API  13.1
Kaspersky Security Center API description
boolean TotpGlobalSettings::IfCanConfigure2FaSettings ( [out] boolean  bLoggedInUsing2FA)

Checks whether calling user has enough access rights to modify 2FA settings Used by console to decide whether to display configuration options and whether to start setting up 2FA for current user. 2FA settings modification is allowed only if this method returns true AND bLoggedInUsing2FA is true.

Parameters:
[out]bLoggedInUsing2FAIf true, then user logged in using 2FA and is allowed to change 2FA settings If false, then user is not logged in using 2FA and doesn't have rights to change critical 2FA settings
Returns:
true, if ACL allows current user to change 2FA settings If return value is true, but bLoggedInUsing2FA is false, then setting up 2FA for current user is required before user is allowed to change settings.