We’re looking at enabling multifactor auth for our app. However, we would like to consider making some parts of the app only visible if the user logged in using MFA (otherwise we’d provide instructions on how to sign up for MFA, if required, and a button to log in using MFA). When we receive an id_…

Hi @martin.pain When a user uses MFA to authenticate, the ID Token will have an amr (authentication method reference) claim in the payload with an mfa value in it. Note that amr is an array and there could be other possible values in the future, so the check should be something like: mfaUsed = pay…

Include claim in id_token when MFA was used?

Get Help

martin.pain October 24, 2018, 10:42am 3

Thanks, that’s just what I was looking for.

Topic		Replies	Views
If amr claim is only available in the ID Token how can I validate the Access Token to check for MFA? Get Help mfa , mfa-api	2	72	May 23, 2025
Determine MFA method used during user login Get Help jwt , mfa , login	4	3599	March 11, 2023
"amr" and "acr" Claims Omitted from ID Token on Renewal Knowledge Articles mfa , sso , id-token , claim	1	2962	August 10, 2022
Step up authentication not working Get Help mfa , push-via-auth0-guardian-factor	2	2547	December 21, 2022
Cannot determine if MFA was enrolled during first login Get Help login-experience , new-universal-login-experience	0	123	September 5, 2024

Include claim in id_token when MFA was used?

Related topics