Overview
When using api.multifactor.enable , users are given a recovery code after enrolling in Multi-Factor Authentication (MFA) with another factor automatically.
However, when using api.authentication.enrollWithAny([<list of factor types here> ]) , if the user picks a factor other than the recovery code, they do not get a recovery code after enrolling another factor.
Applies To
- Recovery Code
- Multi-Factor Authentication (MFA)
Cause
When using the custom MFA enrollment methods, only one factor can be enrolled per method.
Solution
To enroll a recovery code after another factor, do two enrollWith methods sequentially in the Action, for example:
api.authentication.enrollWithAny([<List of allowed factor types here>]);
api.authentication.enrollWith({type:'recovery-code'});
To enroll only a specific factor + recovery code, enrollWith could be used for both enrollments:
api.authentication.enrollWith({type: <desired factor type here>});
api.authentication.enrollWith({type:'recovery-code'});