Second factor
These are all methods on the SignIn class that allow you to handle the second factor of a multi-factor authentication flow.
prepareSecondFactor()
Begins the second factor verification process. This step is optional in order to complete a sign in.
A common scenario for the second step verification (2FA) is to require a one-time code (OTP) as proof of identity. This is determined by the accepted strategy parameter values. Each authentication identifier supports different strategies.
Returns a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process.
- Name
strategy
- Type
'phone_code'
- Description
The strategy used for second factor verification. Supported strategies are:
'phone_code': User will receive a one-time authentication code via SMS. At least one phone number should be on file for the user.
- Name
phoneNumberId
- Type
string
- Description
The ID for the user's phone number that will receive an SMS message with the one-time authentication code.
attemptSecondFactor()
Attempts to complete the second factor verification process (2FA). This step is optional in order to complete a sign in.
For the phone_code strategy, make sure that a verification has already been prepared before you call this method, by first calling SignIn.prepareSecondFactor. Depending on the strategy that was selected when the verification was prepared, the method parameters should be different.
The totp strategy can directly be attempted, without the need for preparation.
Returns a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process.
- Name
strategy
- Type
'phone_code' | 'totp'
- Description
The strategy to be used for second factor verification. Possible strategy values are:
'phone_code': User will receive a one-time authentication code via SMS. At least one phone number should be on file for the user.
'totp': User must provide a 6-digit TOTP code generated by their authenticator app. The user must have previously created a TOTP secret and registered it in their authenticator app using a QR code, URI, or by manually entering the secret.
- Name
code
- Type
string
- Description
For the 'phone_code' strategy: The one-time code that was sent to the user as part of the prepareSecondFactor() step.
For the 'totp' strategy: The TOTP generated by the user's authenticator app.
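The two methods above combined into one second factor step, as an added example that is not part of the original documentation or Clerk's own code. The helper names, the fake SignIn object and the 'verified' / 'failed' status values are assumptions made for illustration.

```javascript
// Added example, not Clerk's own code. `signIn` is the SignIn object from your client.
// The 'verified' / 'failed' status values are assumptions; this page does not list them.
const STRATEGIES = ['phone_code', 'totp'];

// Validate input before it reaches the API; returns params for attemptSecondFactor().
function buildAttemptParams(strategy, code) {
  if (!STRATEGIES.includes(strategy)) {
    throw new Error(`unsupported second factor strategy: ${strategy}`);
  }
  const digits = String(code).trim();
  // The page specifies 6 digits for TOTP; the SMS code length is not stated, so only require digits.
  const pattern = strategy === 'totp' ? /^\d{6}$/ : /^\d+$/;
  if (!pattern.test(digits)) throw new Error('malformed one-time code');
  return { strategy, code: digits };
}

// Only phone_code needs preparation (it sends the SMS); totp is attempted directly.
async function startSecondFactor(signIn, strategy, phoneNumberId) {
  if (strategy !== 'phone_code') return false;
  await signIn.prepareSecondFactor(phoneNumberId ? { strategy, phoneNumberId } : { strategy });
  return true;
}

// Fail closed: success only when the returned SignIn reports a verified second factor.
async function finishSecondFactor(signIn, strategy, code) {
  const result = await signIn.attemptSecondFactor(buildAttemptParams(strategy, code));
  return result?.secondFactorVerification?.status === 'verified';
}

// Constructed stand-in for a SignIn object so the example runs offline.
function makeFakeSignIn(expectedCode) {
  const fake = {
    prepared: false,
    secondFactorVerification: { status: 'unverified' },
    async prepareSecondFactor() { fake.prepared = true; return fake; },
    async attemptSecondFactor({ strategy, code }) {
      const ready = strategy === 'totp' || fake.prepared;
      const ok = ready && code === expectedCode;
      fake.secondFactorVerification.status = ok ? 'verified' : 'failed';
      return fake;
    },
  };
  return fake;
}
```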