Biometrics With Email

Sophia_V · June 1, 2023, 2:53pm

Hello,

We are trying to implement ‘WebAuthn with FIDO Device Biometrics’ for our mobile app.
We get following error when only ‘Email’ is set as the secondary factor:
{
“error”: “invalid_request”,
“error_description”: “No confirmed authenticators for the enabled factors”
}

Is it necessary to select Google authenticator or similar as a factor?
For mobile apps, it becomes rather difficult to scan QR code.

Is there a way for users to get the authentication code via mail when enabling biometrics?

Thank you

dan.woda · June 13, 2023, 12:59pm

Hi @Sophia_V,

Welcome to the Auth0 Community!

You are seeing this error because device biometrics requires an alternate backup factor. This is due to the fact the the biometric factor is tied to a specific device and this would not allow for login on another device.

Further, the email factor is not treated as a true 2nd factor because it is tied to the same factor as the password. More details on that here.

You will need to set up true second factor (e.g. SMS) to continue with device biometrics.

Sophia_V · June 13, 2023, 2:27pm

Thank you for getting back to us.
We currently have the ‘free’ subscription.
Is it possible to set SMS as the second factor in the free subscription plan?

dan.woda · June 13, 2023, 2:52pm

SMS is not included in the free plan. In fact, no MFA features are included in the free plan.

You can see the pricing breakdown here if you click the Compare Plans button.

Sophia_V · June 13, 2023, 3:00pm

Thank you for letting us know.

dan.woda · June 13, 2023, 3:06pm

No problem. Please let us know if you have any other questions!

system · June 27, 2023, 3:06pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.