Docs

Second factor

These are all methods on the SignIn class that allow you to handle the second factor of a multi-factor authentication flow.

prepareSecondFactor()

Begins the second factor verification process. This step is optional in order to complete a sign in.

A common scenario for the second step verification (2FA) is to require a one-time code (OTP) as proof of identity. This is determined by the accepted strategy parameter values. Each authentication identifier supports different strategies.

Note

While the phone_code strategy requires preparation, the totp strategy does not - the user can directly attempt the second factor verification in that case.

function prepareSecondFactor(params: PrepareSecondFactorParams): Promise<SignIn>
  • Name
    strategy
    Type
    'phone_code' | 'totp'
    Description

    The strategy to be used for second factor verification. Possible strategy values are currently:

    • phone_code: User will receive a one-time authentication code in their phone, via SMS. At least one phone number should be on file for the user.

Returns

TypeDescription
Promise<SignIn>A Promise which resolves with a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process.

attemptSecondFactor()

Attempts to complete the second factor verification process (2FA). This step is optional in order to complete a sign in.

For the phone_code strategy, make sure that a verification has already been prepared before you call this method, by first calling SignIn.prepareSecondFactor. Depending on the strategy that was selected when the verification was prepared, the method parameters should be different.

The totp strategy can directly be attempted, without the need for preparation.

function attemptSecondFactor(params: AttemptSecondFactorParams): Promise<SignIn>
  • Name
    strategy
    Type
    'phone_code' | 'totp'
    Description

    The strategy to be used for second factor verification. Possible strategy values are

    • phone_code: User will receive a one-time authentication code in their phone, via SMS. At least one phone number should be on file for the user.
    • totp: User must provide a 6-digit TOTP code generated by their authenticator app. The user will need to have created a TOTP secret beforehand so as to register it on their authentictor app via QR code, URI or even entering the secret itself.
  • Name
    code
    Type
    string
    Description
    • For the phone_code strategy: The one-time code that was sent to the user as part of the prepareSecondFactor step.
    • For the totp strategy: The TOTP generated by the user's authenticator app.

Returns

TypeDescription
Promise<SignIn>This method returns a Promise which resolves with a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process.

Feedback

What did you think of this content?

Last updated on