mab
October 21, 2022, 11:10am
1
Hello,
I know how to turnoff mfa in rules
if (user.identities[0].connection === ‘test1’) {
context.multifactor = {
provider: ‘none’
};
}
I know how to enable only duo mode
if (user.identities[0].connection === ‘test’) {
context.multifactor = {
provider: ‘duo’,
ikey: configuration.DUO_IKEY,
skey: configuration.DUO_SKEY,
host: configuration.DUO_HOST,
allowRememberBrowser: true
};
}
I don’t know how to enable for the one application guardian and google auth. , for the second application guardian, google auth and email., for third only guardian and email.
Best Regards
1 Like
mab
October 25, 2022, 5:44am
3
Hi Team, if anything is unclear please write. I count on you .
tyf
October 25, 2022, 8:59pm
4
Hey there @mab !
mab:
I don’t know how to enable for the one application guardian and google auth. , for the second application guardian, google auth and email., for third only guardian and email.
I recommend moving over to Actions and using the API object , but even then only the following options are available:
Your post login Action might look something like:
exports.onExecutePostLogin = async (event, api) => {
//enforce mfa for specific client_id(s)
const mfaApp1 = "5sFZ3AuJ05fsdfQEauNhUfQjMfduVswiujzSqcfG";
const mfaApp2 = "KnMtXwJypUghbc1IMKCDdLQKOXNqsdfsoLH2HXnQ";
if (event.client.client_id === mfaApp1) {
console.log(`enforcing any mfa for: ${event.client.client_id}`)
api.multifactor.enable(`any`);
} else if (event.client.client_id === mfaApp2) {
console.log(`enforcing google authenticator for: ${event.client.client_id}`)
api.multifactor.enable(`google-authenticator`)
} else {
console.log(`mfa not enforced for: ${event.client.client_id}`)
}
};
Hope this helps at least give you an idea of what’s possible!
2 Likes
system
Closed
November 8, 2022, 9:00pm
5
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.