MFA for specific connections

Problem statement

How can configure MFA to apply only for specific connections?


You can use a post-login action (Login Flow) to achieve this. Here’s an example:

exports.onExecutePostLogin = async (event, api) => {
  // Require MFA for anyone logging in via the Username-Password-Authentication connection
  if ( === "Username-Password-Authentication") {

Please refer to the following for more details:
api.multifactor.enable(provider, options) API reference:

event.connection object reference: