Last Updated: Dec 6, 2024
Overview
Create an MFA enrollment for a user and then create another enrollment. There will be an enrollment created_at a specific date, but the field multifactor_last_modified for that user will contain a date far older than the previous one, causing some confusion.
This article clarifies the difference between the multifactor_last_modified field and other fields like created_at in the MFA enrollments section of a user profile JSON and when is a user’s multifactor_last_modified field updated.
"multifactor_last_modified": "2022-10-28T18:03:00.808Z",
"app_metadata": {
"authorization": {
"groups": [],
"roles": [],
"permissions": []
}
},
"last_ip": "170.51.110.49",
"last_login": "2022-10-28T18:02:09.802Z",
"logins_count": 11,
"blocked_for": [],
"guardian_authenticators": [
{
"id": "sms|dev_XXXX",
"type": "sms",
"confirmed": true,
"name": "XXXXXXXXXXXXX",
"created_at": "2022-10-28T18:02:37.000Z",
"last_auth_at": "2022-10-28T18:03:00.000Z"
}
]
}
Applies To
- created_at
- multifactor_last_modified
Cause
Different time stamps can exist for a user’s multifactor_last_modified field and created_at fields.
Solution
The multifactor_last_modified field shows the last time a user’s MFA settings were changed (e.g., creating/deleting enrollments or even resetting MFA). The created_at field shows the date an enrollment request started.