Second factor

These are all methods on the SignIn class that allow you to handle the second factor of a multi-factor authentication flow.

prepareSecondFactor()

Begins the second factor verification process. This step is optional when completing a sign-in.

A common scenario for the second step verification (2FA) is to require a one-time code (OTP) as proof of identity. This is determined by the accepted strategy parameter values. Each authentication identifier supports different strategies.

Note

While the phone_code strategy requires preparation, the totp strategy does not - the user can directly attempt the second factor verification in that case.

function prepareSecondFactor(params: PrepareSecondFactorParams): Promise<SignIn>;
  • Name
    strategy
    Type
    'phone_code' | 'totp'
    Description

    The strategy to be used for second factor verification. Possible strategy values are currently:

    • phone_code: The user will receive a one-time authentication code on their phone via SMS. At least one phone number should be on file for the user.

prepareSecondFactor() returns

  • Type
    Promise<SignIn>
    Description
    A Promise which resolves with a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process.

attemptSecondFactor()

Attempts to complete the second factor verification process (2FA). This step is optional when completing a sign-in.

For the phone_code strategy, make sure that a verification has already been prepared before you call this method, by first calling SignIn.prepareSecondFactor. The method parameters differ depending on the strategy that was selected when the verification was prepared.

The totp strategy can directly be attempted, without the need for preparation.

function attemptSecondFactor(params: AttemptSecondFactorParams): Promise<SignIn>;
  • Name
    strategy
    Type
    'phone_code' | 'totp'
    Description

    The strategy to be used for second factor verification. Possible strategy values are:

    • phone_code: The user will receive a one-time authentication code on their phone via SMS. At least one phone number should be on file for the user.
    • totp: The user must provide a 6-digit TOTP code generated by their authenticator app. The user will need to have created a TOTP secret beforehand and registered it in their authenticator app via QR code, URI, or by entering the secret itself.

  • Name
    code
    Type
    string
    Description

    • For the phone_code strategy: The one-time code that was sent to the user as part of the prepareSecondFactor step.
    • For the totp strategy: The TOTP generated by the user's authenticator app.

attemptSecondFactor() returns

  • Type
    Promise<SignIn>
    Description
    This method returns a Promise which resolves with a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process.
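
The prepare-then-attempt ordering described above, as an added example that is not part of the original documentation. `completeSecondFactor`, `readCode` and `makeStubSignIn` are hypothetical names, the stub SignIn object is constructed so the block runs offline, and the `status` field on `secondFactorVerification` (with the stub's string values) is an assumption.

```javascript
// Strategies the page documents; only phone_code needs a prepare step.
const SUPPORTED = new Set(['phone_code', 'totp']);
const NEEDS_PREPARE = new Set(['phone_code']);

// Hypothetical helper, not an SDK function. `readCode` is an async callback
// returning what the user typed.
async function completeSecondFactor(signIn, strategy, readCode) {
  if (!SUPPORTED.has(strategy)) {
    throw new Error(`unsupported second factor strategy: ${strategy}`);
  }
  if (NEEDS_PREPARE.has(strategy)) {
    await signIn.prepareSecondFactor({ strategy }); // sends the SMS code
  }
  const code = String(await readCode()).trim();
  // The page specifies a 6-digit code for totp; reject other input locally.
  if (strategy === 'totp' && !/^\d{6}$/.test(code)) {
    throw new Error('TOTP code must be exactly 6 digits');
  }
  const result = await signIn.attemptSecondFactor({ strategy, code });
  // Assumption: secondFactorVerification exposes a `status` string.
  return result.secondFactorVerification.status;
}

// Constructed stand-in for a SignIn object so the example runs offline.
// Its status strings are made up for this stub.
function makeStubSignIn(expectedCode) {
  let prepared = false;
  const signIn = {
    calls: [],
    secondFactorVerification: { status: 'unverified' },
    async prepareSecondFactor({ strategy }) {
      signIn.calls.push(`prepare:${strategy}`);
      prepared = true;
      return signIn;
    },
    async attemptSecondFactor({ strategy, code }) {
      signIn.calls.push(`attempt:${strategy}`);
      if (strategy === 'phone_code' && !prepared) {
        throw new Error('phone_code attempted before prepareSecondFactor()');
      }
      if (code === expectedCode) signIn.secondFactorVerification.status = 'verified';
      return signIn;
    },
  };
  return signIn;
}
```

With a real SignIn object, pass it in place of the stub and supply `readCode` from your own UI.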
