How to control MFA with Gatsby.js and auth0-react?

NeilShang · June 23, 2021, 5:53am

1.I refer to this document to protect routes

2.I enable MFA with always

3. I refresh the protected page after login ,I saw this request everytime.

4. And I will be redirect to MFA page when I refresh page after login
and this is my question
1.If I enable MFA with always,I need enter OTP everytime ,when refresh protect page?
2,if I only want to ask MFA when login not for refresh protect page,what can I do?

NeilShang · June 29, 2021, 7:31am

1.switch config to never

2.use this rule

github.com

auth0/rules/blob/master/src/rules/require-mfa-once-per-session.js

/**
 *
 * This rule can be used to avoid prompting a user for multifactor authentication if they have successfully completed MFA in their current session.
 *
 * This is particularly useful when performing silent authentication (`prompt=none`) to renew short-lived access tokens in a SPA (Single Page Application) during the duration of a user's session without having to rely on setting `allowRememberBrowser` to `true`.
 *
 * @title Require MFA once per session
 * @overview Require multifactor authentication only once per session
 * @gallery true
 * @category multifactor
 */

function requireMfaOncePerSession(user, context, callback) {
  let authMethods = [];
  if (context.authentication && Array.isArray(context.authentication.methods)) {
    authMethods = context.authentication.methods;
  }

  const completedMfa = !!authMethods.find((method) => method.name === 'mfa');

This file has been truncated. show original

konrad.sopala · June 29, 2021, 9:38am

Thanks for sharing it with the rest of community!

system · July 14, 2021, 9:38am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Problem with MFA error "login_required" Help mfa	3	4777	October 27, 2020
React Application login page shows MFA loops Knowledge Articles session , rules , mfa-sms , authorize-endpoint , disable-mfa	1	852	September 6, 2023
App is asking MFA every time when switching between two web applications which are using same Auth0 application Help classic-universal-login-experience , login-experience	3	19	October 21, 2024
What is the correct way to require MFA for ONLY auth0 connections? Help mfa , mfa-api	3	2304	January 11, 2023
Workaround for MFA error when using getAccessTokenSilently with React Help auth0-react , sdks-quickstarts	3	1905	April 26, 2023

How to control MFA with Gatsby.js and auth0-react?

Related Topics