Second factor
These are all methods on the SignIn
class that allow you to handle the second factor of a multi-factor authentication flow.
prepareSecondFactor()
Begins the second factor verification process. This step is optional in order to complete a sign in.
A common scenario for the second step verification (2FA) is to require a one-time code (OTP) as proof of identity. This is determined by the accepted strategy
parameter values. Each authentication identifier supports different strategies.
- Name
strategy
- Type
'phone_code' | 'totp'
- Description
The strategy to be used for second factor verification. Possible
strategy
values are currently:phone_code
: User will receive a one-time authentication code in their phone, via SMS. At least one phone number should be on file for the user.
prepareSecondFactor()
returns
Type | Description |
---|---|
Promise<SignIn> | A Promise which resolves with a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process. |
attemptSecondFactor()
Attempts to complete the second factor verification process (2FA). This step is optional in order to complete a sign in.
For the phone_code
strategy, make sure that a verification has already been prepared before you call this method, by first calling SignIn.prepareSecondFactor
. Depending on the strategy that was selected when the verification was prepared, the method parameters should be different.
The totp
strategy can directly be attempted, without the need for preparation.
- Name
strategy
- Type
'phone_code' | 'totp'
- Description
The strategy to be used for second factor verification. Possible
strategy
values arephone_code
: User will receive a one-time authentication code in their phone, via SMS. At least one phone number should be on file for the user.totp
: User must provide a 6-digit TOTP code generated by their authenticator app. The user will need to have created a TOTP secret beforehand so as to register it on their authentictor app via QR code, URI or even entering the secret itself.
- Name
code
- Type
string
- Description
- For the
phone_code
strategy: The one-time code that was sent to the user as part of the prepareSecondFactor step. - For the
totp
strategy: The TOTP generated by the user's authenticator app.
- For the
attemptSecondFactor()
returns
Type | Description |
---|---|
Promise<SignIn> | This method returns a Promise which resolves with a SignIn object. Check the secondFactorVerification attribute for the status of the second factor verification process. |