Feature: Provide a short title of your feature request/feedback.
Description: As a developer, I would like to have the ability to implement “Remember My Device for 30 days” feature using APIs integration.
Use-case: We are building a Portal for our users, using Auth0 as authentication server.
When a user logs in, store a unique identifier associated with their device and set an expiration time of 30 days for this identifier. During subsequent logins, check if the identifier is still valid. If yes, allow the user to bypass authentication.
Similar issue here:
We have decided to implement our own login screens using the ROPG flow with MFA (cf. https://auth0.com/docs/secure/multi-factor-authentication/authenticate-using-ropg-flow-with-mfa). We have everything working now, but the only part we can’t figure out is the “Remember this device for 30 days” checkbox that you show in your universal login solution.
It would be great (if not necessary) to have an extra parameter we can pass when calling /oauth/token with the grant type http://auth0.com/oauth/grant-type/mfa-otp to prevent getting an mfa-required response every time we authenticate a user.