Problem statement
This rule is critical to our business processes, which is why I’m wanting a little bit better guidance than the available documentation.
function multifactorAuthentication(user, context, callback){{
if (!(user.user_id === "auth0|60dc97133cf3a40069231cbd" || user.user_id === "auth0|61670cc4a3e900006ae87631" || user.user_id === "auth0|63403a6059ca06f83f35ddb2"){
context.multifactor = {
provider: 'any',
allowRememberBrowser: true
};
}
callback(null, user, context);
}
Solution
The equivalent Action for the mentioned rule would look like this:
/**
* @param {Event} event - Auth0 event data
*/
exports.onExecutePostLogin = async (event, api) => {
const { user } = event;
if (!(user.user_id === "auth0|60dc97133cf3a40069231cbd" || user.user_id === "auth0|61670cc4a3e900006ae87631" || user.user_id === "auth0|63403a6059ca06f83f35ddb2")) {
const authMethods = event.authentication?.methods || [];
console.log("methods", authMethods);
const completedMfa = !!authMethods.some(e => e.name === 'mfa');
if (completedMfa) {
return;
}
api.multifactor.enable("any", { allowRememberBrowser: false });
}
};
Please make sure to test the script thoroughly in a development Tenant to make sure it’s working correctly before launching it into production.