Convert Test User Rule to Action

Problem statement

This rule is critical to our business processes, which is why I’m wanting a little bit better guidance than the available documentation.

function multifactorAuthentication(user, context, callback){{
  if (!(user.user_id === "auth0|60dc97133cf3a40069231cbd" || user.user_id === "auth0|61670cc4a3e900006ae87631" || user.user_id === "auth0|63403a6059ca06f83f35ddb2"){
    context.multifactor = {
      provider: 'any',
      allowRememberBrowser: true
    };
  }
  callback(null, user, context);
}

Solution

The equivalent Action for the mentioned rule would look like this:

/**
* @param {Event} event - Auth0 event data
*/
exports.onExecutePostLogin = async (event, api) => {
    const { user } = event;

    if (!(user.user_id === "auth0|60dc97133cf3a40069231cbd" || user.user_id === "auth0|61670cc4a3e900006ae87631" || user.user_id === "auth0|63403a6059ca06f83f35ddb2")) {
        const authMethods = event.authentication?.methods || [];
        console.log("methods", authMethods);
        const completedMfa = !!authMethods.some(e => e.name === 'mfa');

        if (completedMfa) {
            return;
        }

        api.multifactor.enable("any", { allowRememberBrowser: false });
    }
};

Please make sure to test the script thoroughly in a development Tenant to make sure it’s working correctly before launching it into production.