Multifactor with both SMS and One-Time Password (Google Auth)

Help
,
1

Hi all,

I’ve implemented contextual multifactor for a specific application using either SMS or Google Authenticator and the Auth0 Hosted Pages which works great.

My issue is that I’ve been asked to give users options on whether they use SMS or Google Authenticator as their MFA preference at sign up. I have both options switched on in the MFA dashboard but it’s not clear from the documentation I’ve seen as to what I set provider to in my MFA Rule.

If I set provider: any the user is only offered Google Auth but we need them to be offered a choice

Any ideas on how this is achievable at all?

Thanks!

2

Hi!

If you enable both OTP and SMS in the dashboard and set provider:any, you should get this when enrolling:

image

I assume you are not getting that, is that correct?

Unless you are conditionally setting the provider you can try removing all rules that set the multifactor provider field. The default behavior is ‘provider:any’.

Regards,

Andres

1 Like
3

Hi - we don’t get that sadly!

The ‘I’d rather use SMS bit’ doesn’t show.

I have both SMS and OTP enabled and a rule as follows:

let CLIENT = ['XXX....'];
   if (CLIENT.indexOf(context.clientID) !== -1) {
context.multifactor = {
  provider: 'any',
  allowRememberBrowser: false
};
  }

If I enable OTP that shows, if I turn OTP off, SMS shows but never the both together!

I’ve also disabled the custom rule and applied the Policy checkbox of 'Always require MFA" and the result is the same, if OTP is on, that’s the only option that shows. If just SMS is on, SMS shows.

Any ideas?

Thanks

Dan

4

The issue with Dan’s setup turned out to be an older version of the MFA widget (Thanks @danblundell for noticing this!).

You may try the latest version of the MFA widget to have the behavior @andres.aguiar explained. As of writing this, it is 1.6

5

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.