Prompt for MFA on specific actions

Dragollla · November 13, 2018, 12:07pm

Hello, can you guide me how to prompt user for MFA on specific action?
I have frontend client app and backend API.

I want users to be always promted for MFA on call to some endpoints of API.

Login flow:

User clicks on “Log In” button on frontend.
User is redirected to Auth0 login page.
JWT is received on frontend and sent to backend.
On backend ID Token is parsed and user is signed in with associated user record.

Next, suppose, user tries to withdraw some funds.

Frontend makes POST /withdraw.
Backend responds with “MFA required”.
Frontend redirects user to Auth0 with new scope “transfer:funds”
Custom rule is applied and 2fa is requested. But what if user has logged in with MFA initially? Will he be asked to authenticate again?

konrad.sopala · November 13, 2018, 12:37pm

I’ve replied to your question in this thread:

so as not to multiply the same topics in our forum.

Thanks for understanding!

Topic		Replies	Views
Trigger MFA when user wants to perform some action in nextjs-auth0 Help mfa , mfa-prompt-new-experience	2	473	November 27, 2023
Post-login action and MFA Help mfa , mfa-prompt-new-experience	3	482	May 24, 2024
Prompt for MFA during specific actions / using MFA without login flow Help mfa , google-authenticator	8	11695	December 13, 2018
Custom MFA using actions Help mfa , machine-to-machine , actions	1	2570	January 8, 2024
How can we prompt for MFA enrolment in a rule or post authentication? Help mfa	12	5374	August 27, 2020