How to disable MFA using actions?

naveen.shambugowda · February 16, 2023, 9:32pm

We have MFA turned on at the tenant level but want to selectively disable MFA based on connectionStrategy or email. How can this be done using actions?

The post-login API object has no method to disable MFA

konrad.sopala · February 17, 2023, 7:50am

Hey there!

Here’s one of our FAQs for enabling MFA for specific set of users:

Have you had a chance to check it out?

system · March 3, 2023, 7:51am

The FAQ shows the sample for the reverse case, like how to force MFA for a specific set of users. A similar action like the following can help to disable MFA for a specific set of users by using none instead of any.

exports.onExecutePostLogin = async (event, api) => {

  // uncomment the following if clause in case you want to skip a second factor only for users that have app_metadata.skip_mfa === true

  if (event.user.app_metadata?.skip_mfa){
    api.multifactor.enable('none', {allowRememberBrowser: false});
  }
};

Topic		Replies	Views
How to Enable MFA for a Subset of Users Knowledge Articles mfa , management-api , users , rule , user-profile , actions , use-mfa	1	9368	July 22, 2022
Enabling MFA for specific user Help user-management , account-linking	6	2263	July 7, 2023
Api.multifactor.disable Help mfa , mfa-api	4	292	May 1, 2024
How to Disable MFA for Users Based on a Client Name or Client Id Knowledge Articles actions , mfa-factors , multifactor	1	676	February 9, 2024
How to disable mfa for a particular user in nodejs Help mfa , one-time-password-otp-factor	5	1639	December 22, 2023

How to disable MFA using actions?

Related topics