Configuring MFA Flow to require MFA once per session with Actions

rueben.tiow June 14, 2022, 3:10am 1

Problem statement

Is there a way to allow the users to be remembered for 30 days with MFA Actions?

Solution

Yes, it is possible to configure MFA to remember the user by passing an options object to the api.multifactor.enable() method. By doing so, you are making a call that tells the browser to remember that user for 30 days. See below:

exports.onExecutePostLogin = async (event, api) => {
  api.multifactor.enable('any', {allowRememberBrowser: true});
};

Reference Materials:

1 Like

Not able to refresh token if mfa is eanbled (Error: mfa_required)

2FA using phone number and conditional 2FA trigger

June Community News 2022

Using Last Logine Timestamp

Topic		Replies	Views
Force MFA on Every Log In via Actions Knowledge Articles actions , multifactor , mfa-enforcement	1	439	February 6, 2024
MFA Once per Session Action FAQ example seems incomplete Help mfa , mfa-prompt-new-experience	1	1018	August 14, 2023
Custom Action to Decide MFA Frequency for Universal Login flows Knowledge Articles multi-factor , remember-device , multifactor	1	2144	September 14, 2022
"mfa_required" error instead of using refresh token with Actions Knowledge Articles mfa , extensibility , actions	1	4009	June 14, 2022
Strategies to Prompt MFA at Customized Intervals Knowledge Articles actions , multifactor	1	703	December 7, 2023

Configuring MFA Flow to require MFA once per session with Actions

Problem statement

Solution

Reference Materials:

Related Topics