I’m working on integrating Auth0 with my company’s app via a custom database, the login action to build the user profile, and a post-login trigger to enroll the user in email or SMS MFA, and to challenge the user with an email or phone MFA challenge.
I’m able to do this in every case except for a login for a user that isn’t enrolled in MFA. How do I enroll a net-new user into the SMS or email MFA type AND challenge them with the updated MFA type?
I repeatedly get the same error:
Type: MFA Required
Description: An MFA challenge is used in a PostLogin action but the requested factors are not properly set up. To perform MFA, enable the requested factors and ensure the user is enrolled with them.
When you get that error, there is a list of things that you can do in order to troubleshoot your problem. You can find the steps to solving your problem in the following documentation: Customize MFA Selection for Universal Login
Also, make sure to check the following documentation pages that explain implementing MFA using actions in detail:
@tudor.smeu Can I enroll a user in an MFA type via the management API and also challenge them in the same action chain? Something like this (both are separate custom actions):
exports.onExecutePostLogin = async (event, api) => {
  // enroll user in factor with Management API if not already enrolled
}
exports.onExecutePostLogin = async (event, api) => {
  // challenge user
}
What I’m currently doing is this and I don’t think that the user context is being updated in the same method invocation:
exports.onExecutePostLogin = async (event, api) => {
  // enroll user in factor if not already enrolled
  // challenge user
}
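An added example, not code from any poster in this thread or from Auth0: one way to avoid requesting a challenge for a factor the user does not yet have is to branch on `event.user.enrolledFactors` and call either `api.authentication.enrollWith` or `api.authentication.challengeWith`, the methods covered in the Customize MFA Selection for Universal Login documentation. The `phone` factor choice, the `decideMfaStep` helper and the mock `api` object are assumptions made for illustration.

```javascript
// Added example. FACTOR is an assumed choice for this sketch.
const FACTOR = 'phone';

// Pick exactly one MFA step for this login, based on the factors the
// user had when the login started (event.user.enrolledFactors).
function decideMfaStep(enrolledFactors, factorType) {
  const enrolled = (enrolledFactors || []).some((f) => f.type === factorType);
  return enrolled ? 'challenge' : 'enroll';
}

const onExecutePostLogin = async (event, api) => {
  const step = decideMfaStep(event.user.enrolledFactors, FACTOR);
  if (step === 'challenge') {
    // User already has the factor: ask for a challenge.
    api.authentication.challengeWith({ type: FACTOR });
  } else {
    // Net-new user: prompt enrollment instead of a challenge.
    api.authentication.enrollWith({ type: FACTOR });
  }
};

// Export for the Actions runtime when a CommonJS `exports` object exists.
if (typeof exports !== 'undefined') {
  exports.onExecutePostLogin = onExecutePostLogin;
}

// Constructed stand-in for the Actions `api` object; it only records calls
// so the branching can be checked locally.
function makeMockApi() {
  const calls = [];
  return {
    calls,
    authentication: {
      challengeWith: (factor) => calls.push('challengeWith:' + factor.type),
      enrollWith: (factor) => calls.push('enrollWith:' + factor.type),
    },
  };
}

// Runs the handler against a constructed event and returns the recorded calls.
function simulateLogin(enrolledFactors) {
  const api = makeMockApi();
  onExecutePostLogin({ user: { enrolledFactors } }, api);
  return api.calls;
}
```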