On this page, we can see the following rule.
function guardianMultifactor(user, context, callback) {
//const CLIENTS_WITH_MFA = ['REPLACE_WITH_YOUR_CLIENT_ID'];
// run only for the specified clients
//if (CLIENTS_WITH_MFA.indexOf(context.clientID) !== -1) {
// uncomment the following if clause in case you want to request a second factor only from user's that have user_metadata.use_mfa === true
//if (user.user_metadata && user.user_metadata.use_mfa){
context.multifactor = {
// required
provider: 'guardian',
// optional, defaults to true. Set to false to force Guardian authentication every time.
// See https://auth0.com/docs/multifactor-authentication/custom#change-the-frequency-of-authentication-requests for details
allowRememberBrowser: false
};
//}
//}
callback(null, user, context);
}
What is the structure of context.multifactor? The documentation here only says that it " An object representing the multifactor settings used in implementing contextual MFA.", with a link to a more general, but not-helpful explanation of MFA.
Basically, I want to know:
- What, specifically, is provider defining here? (ie. must use guardian vs shown guardian by default)
- What other values can provider be set to? (ie. literal string must be one of this list: [“any”, “guardian”, …])
- What other parameters can be set in multifactor?
- What do they do?