Enabling MFA for specific user

I have followed the steps in some of the post and documentations provided to enable MFA for specific users. I have done below thought its not working.

  1. Require Multi-factor Auth is set to “Never”
  2. Created a new user
  3. Added “user.user_metadata.use_mfa” to true
  4. I can see the MFA is enabled for this user is enable for this in User information page

When I am trying to get the oauth/token its not giving me the mfa_token, its returning me the access and id token in the API response.

I have also tried creating Action for this as ‘Pre-registeration’ and still no luck.

I have followed the steps mentioned in the blog post too How To Enable MFA For A Subset of Users

All I want is to enable MFA and get the mfa_token so I can associate with the user.

Hi @ybansiwal,

Welcome to the Auth0 Community!

This should be a Post Login Action if you want to trigger MFA during a certain user’s login.

Thanks @dan.woda , I have also tried Post Login action and didn’t work. I did below steps

  1. Created new custom actions and added to the flow
  2. Created new user and it says MFA enabled for this user
  3. When I tried to get the access token instead of giving mfa_token for MFA associate it gave me id_token

Below is the code for action

exports.onExecutePostLogin = async (event, api) => {

if (event.user.user_metadata && event.user.user_metadata.use_mfa){
api.multifactor.enable('any', {allowRememberBrowser: false});
}
};

Did you follow step #1?

  1. set the user.user_metadata.use_mfa attribute in the respective users profile to true or false using the Auth0 Management API: Auth0 Management API v2 endpoint

Yes, I did that at time of creating user

Can you confirm that the conditional is firing by adding a console.log statement?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.