Auth0 Login not offering Multi Factor Authentication

I have enabled the Multi-factor Auth option inside the Security settings of the Auth0 Dashboard. I have enabled SMS and Email, but when my user logs in to any of my applications, the user does not receive the multi-factor authentication screen. Why is that? Thanks in advance.

Hello @sjh1! Welcome to the community.

I understand MFA is not being prompted on login despite email and SMS being enabled.

Under the MFA tab under Security, there is another setting for when MFA will be required. It is set to Never by default. Click on Always to ensure the user is asked to use MFA every time, then click Save, and that should prompt the user to complete MFA on login.

If this doesn’t work or you have already tried this, please let me know!
Best,
Alex

1 Like

Thanks. That solved my problem; now I have another question. I checked ‘Show Multi-factor Authentication Options’ under ‘Additional Settings’. Why am I always prompted to provide a phone number or enter a code received on the phone, when I allowed MFA using email also? I understand that this option should allow users to pick between MFA options (Email/Phone message). Thanks in advance.

I’m glad we could figure out the first part!

For the second part you can customize with post-login actions. Check out this doc for more information and example code:

If this doesn’t help I’m happy to answer more questions!

Best,
Alex

1 Like

Yes, this looks like something I need. But when I try the code from the documentation example, it's not working.
enrolledFactors can't be passed to the challengeWithAny() function. Is this function changed, but documentation is not updated? Thanks.

Hey @sjh1 !
I was looking at the code and it seems that the variable enrolledFactors that you define isn’t a valid type for challengeWithAny(). Using event.user.enrolledFactors should have the proper type of array of objects. An example would look like this: ( [ { type: 'phone' }, { type: 'email' } ] ). This should also be shown on the documentation that I sent over earlier.

Please let me know if this solves your issue or if you have any other questions!

Best,
Alex

I can't hard-code that array; I need it to be dynamic and read that data from the user's metadata. The code I used is from the example shown on the documentation page that you sent; here is the screenshot from that page:

The function also won't accept a hardcoded array as a variable, for some reason.

What is the error you were getting? This should help figure out next steps.

Best,
Alex

Hey @sjh1 ! Thanks for the screenshot.

I recreated the error you are currently getting and looked at the docs you mentioned. Here's the code I was using:

exports.onExecutePostLogin = async (event, api) => {
  const enrolledFactors = event.user.enrolledFactors.map((f) => ({type: f.type}));
  api.authentication.challengeWithAny(enrolledFactors);
};

This was getting the same errors that you were getting but when it was deployed and assigned to the post-login trigger, it works as intended. Once logged in, I had the choice to select from any enrolled factor.

To ensure that the test user is properly enrolled in multiple factors before using the code mentioned, you can check on the Auth0 Dashboard under User Management → Users → {test@user.com} → Details and look under the MFA section for enrolled factors, or use the extension ‘Real-time Webtask Logs’, as well as console.log(event.user.enrolledFactors) in my action. If there is only one factor enrolled, it will not give the option to choose.

I am not sure why the documented code that works is showing errors, but I will look into it.

Please let me know if it works for you too and let me know if you have any questions!

Best,
Alex

1 Like
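
Added example (not part of the thread and not Auth0's own code): the Action from the reply above with the factor list built dynamically from event.user.enrolledFactors and guarded for the no-enrollment and single-factor cases it mentions. buildChallengeList, allowedTypes, simulateLogin and the sample users are hypothetical; the mock api only records calls so the block runs under plain Node.

```javascript
// Only event.user.enrolledFactors and api.authentication.challengeWithAny
// come from the thread; everything else here is an assumption for illustration.

// Build the list for challengeWithAny from the user's actual enrollments.
// allowedTypes is a hypothetical local policy, not an Auth0 setting.
function buildChallengeList(user, allowedTypes = ["phone", "email"]) {
  const enrolled = Array.isArray(user && user.enrolledFactors) ? user.enrolledFactors : [];
  const seen = new Set();
  const factors = [];
  for (const f of enrolled) {
    if (!f || typeof f.type !== "string") continue; // skip malformed entries
    if (!allowedTypes.includes(f.type)) continue;   // drop types the policy excludes
    if (seen.has(f.type)) continue;                 // two phones -> one "phone" entry
    seen.add(f.type);
    factors.push({ type: f.type });
  }
  return factors;
}

const onExecutePostLogin = async (event, api) => {
  const factors = buildChallengeList(event.user);
  // No usable enrollment: issue no challenge from this Action; what happens
  // next depends on the tenant's MFA policy.
  if (factors.length === 0) return;
  // With a single entry the user gets that factor's prompt and no picker.
  api.authentication.challengeWithAny(factors);
};
if (typeof exports !== "undefined") exports.onExecutePostLogin = onExecutePostLogin;

// Local stand-in for the Actions api object (constructed; records calls only).
function simulateLogin(user) {
  const calls = [];
  const api = { authentication: { challengeWithAny: (f) => calls.push(f) } };
  onExecutePostLogin({ user }, api); // body has no await, so it completes synchronously
  return calls;
}

// Constructed sample users.
const both = { enrolledFactors: [{ type: "phone" }, { type: "email" }, { type: "phone" }] };
const phoneOnly = { enrolledFactors: [{ type: "phone" }] };
const notEnrolled = {};
console.log(simulateLogin(both), simulateLogin(phoneOnly), simulateLogin(notEnrolled));
```
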

Thanks @alex.brett, it's working, but the error confused me; I thought it wouldn't work when the error is shown in the action edit file.
