Attempt a time-based one-time password verification.
NB: When the query parameter 'returnJwt' is included and set to 'true', the response will change from a 204 with no content to a 200 with a JSON body. This body will contain an assertion in the form of a JWT, which serves as cryptographic proof of the factor performed. The format of the response body is:
- authnAnyUser (Authenticate any user)
- authn (Authenticate self)