FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    What FusionAuth roles can remove an MFA method?

    Scheduled Pinned Locked Moved Solved
    Q&A
    1
    3
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danD
      dan
      last edited by

      What FusionAuth roles can remove an MFA method using the admin UI?

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      danD 1 Reply Last reply Reply Quote 0
      • danD
        dan @dan
        last edited by

        Currently, the only users that can remove MFA methods are Global Admins to the FA Admin UI.

        This is due to the security implications around letting any other role have this permission.

        If you need to offer this functionality to your customers and product, then you could build an integration that called the User API and remove MFA from a users’s account.

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        danD 1 Reply Last reply Reply Quote 0
        • danD
          dan @dan
          last edited by

          See also this open GH issue addressing this: https://github.com/FusionAuth/fusionauth-issues/issues/2821

          --
          FusionAuth - Auth for devs, built by devs.
          https://fusionauth.io

          1 Reply Last reply Reply Quote 0
          • danD dan has marked this topic as solved on
          • First post
            Last post