Is it possible to detect whether a social account had 2FA set?

When someone logs in via social media, is it possible to know, in a post-login event and the event object, whether that social media account had 2FA set?

I’m not referring to Auth0’s own 2FA, but 2FA on the Google (for example) account itself. I would assume not, but thought I’d ask.

Thanks.

Hi @kkrp1,

Yes, you can determine if a social user logging in has 2FA configured by checking the event.user.multifactor property.

See our Actions Triggers: post-login - Event Object documentation as a reference.

Note that you can only check if the user has MFA on Auth0 and not on Google IdP.

Thanks,
Rueben

Hi Rueben,

Thank you for the reply. As I mentioned in my question, I’m specifically wanting to check whether the user has MFA enabled on their social (e.g. Google) account, not their Auth0 account. So I assume this is not possible.

Thanks anyway

1 Like

Hi @kkrp1,

Thanks for the clarification.

Unfortunately, it won’t be possible since the MFA process is taking place on the Google IDP side, and there’s no way to communicate that to Auth0.

Let us know if you have any further questions.

Cheers,
Rueben

1 Like