We integrated a standard login procedure using Username-Password-Authentication via the auth0.js library (version 9.19.4) in our React application. Now for certain calls on our api we need to step up our authentication, to access those api’s. We would like to use the MFA using SMS for this. How should we integrate this? Couldn’t find any existing examples for this.
- I think i need to request an updated idToken (with extra scopes) via the MFA api’s (https://auth0.com/docs/api/authentication#multi-factor-authentication)? But i’m not sure how i should obtain the mfa_token in this case. When i have an updated idToken i can pass this on to the api and they can check the scopes for this idToken.
- will the renewAuth() or the authorize() with an updated scope automatically trigger the MFA?
Any help, examples would be welcome.