Feature: Please provide multifactor_last_modified information in the Post Login trigger event in Action
Description:
For the event.user context in the onExecutePostLogin trigger in Actions, please provide the information for multifactor_last_modified (already available in User Profile Structure - Auth0 Docs ).
From the documentation the only connected properties already present in the event object are:
Actions Triggers: post-login - Event Object - Auth0 Docs
-
last_password_resetOptional string — Last time the user’s password was changed (Database connections only). -
multifactorOptional array of strings — MFA providers with which the user is enrolled.
Use-case:
I have been trying to implement a way to force a new MFA enrollment on next login after an MFA Reset, in a situation where it is not acceptable to force enroll all users (some did want to enroll).
The only feasable solution I have right now is to use the management API from my business backend application to add an user metadata to force the enrollment checking the presence in Post Login trigger, then removing it.
It means that it may require to do the MFA reset from our backend application, will require specific development for a feature that could be encapsulated completely in Auth0, and has the added risk of a different behaviour if the reset is done via user profile on Auth0 management screen (enrollment would have to manually triggered via email, or metadata added manually from there…).
The trigger I would like to achieve is quite simple:
exports.onExecutePostLogin = async (event, api) => {
if (!!event.user.multifactor_last_modified && event.user.multifactor?.length) {
api.multifactor.enable('any', { allowRememberBrowser: false });
}
};
Original Community post before I reached out to Product Feedback:
User property multifactor_last_modified not found in Action event - Auth0 Community