Allow user to setup MFA if not yet setup

anil.babu · November 16, 2023, 11:49am

Hi Team,

I am trying to enable MFA for a specific Client ID, code looks something like this:


exports.onExecutePostLogin = async (event, api) => {
	const CLIENTS_WITH_MFA = [ <myClientIdList>
	];

	if (CLIENTS_WITH_MFA.includes(event.client.client_id)) {
		api.multifactor.enable('any', { allowRememberBrowser: false })
	}
}

However, if a user has not yet already registered for the MFA, we need the ability to allow the user to configure the MFA. Can you please help us understand:

how can we check if the user is enabled for MFA or not
how can we allow the user to register for MFA post login, if he/she has not yet configured?

Thanks in advance.

rueben.tiow · November 16, 2023, 10:38pm

Hi @anil.babu,

Welcome to the Auth0 Community!

You can check the event.user.multifactor property to see if the user has MFA enrolled. If so, you should see an array of the MFA factors currently enrolled.

You can check if the user has any MFA factors currently enrolled. If the user has no MFA factors enrolled then allow the user to enroll MFA.
For example:

if(!event.user.multifactor){
  api.multifactor.enable('any',  { allowRememberBrowser: false})
}

I hope this helps!

Thanks,
Rueben

system · November 30, 2023, 10:39pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.