How to disable MFA using actions?

naveen.shambugowda · February 16, 2023, 9:32pm

We have MFA turned on at the tenant level but want to selectively disable MFA based on connectionStrategy or email. How can this be done using actions?

The post-login API object has no method to disable MFA

konrad.sopala · February 17, 2023, 7:50am

Hey there!

Here’s one of our FAQs for enabling MFA for specific set of users:

Have you had a chance to check it out?

system · March 3, 2023, 7:51am

The FAQ shows the sample for the reverse case, like how to force MFA for a specific set of users. A similar action like the following can help to disable MFA for a specific set of users by using none instead of any.

exports.onExecutePostLogin = async (event, api) => {

  // uncomment the following if clause in case you want to skip a second factor only for users that have app_metadata.skip_mfa === true

  if (event.user.app_metadata?.skip_mfa){
    api.multifactor.enable('none', {allowRememberBrowser: false});
  }
};

Topic		Replies	Views
How to Enable MFA for a Subset of Users Knowledge Articles mfa , management-api , users , rule , user-profile , actions , use-mfa	1	10091	July 22, 2022
Disabling MFA using Actions not working as expected Get Help extensibility , adaptive-mfa , actions-extensibility	2	25	March 31, 2025
Deactivate MFA for Specific Users Knowledge Articles	1	15	March 25, 2025
Enabling MFA for specific user Get Help user-management , account-linking	6	2749	July 7, 2023
Api.multifactor.disable Get Help mfa , mfa-api	4	375	May 1, 2024

How to disable MFA using actions?

Related topics