Navigation

    FusionAuth
    • Login
    • Search
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs

    SOLVED Getting around MFA

    Q&A
    mfa login
    1
    2
    237
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dan
      dan last edited by

      I want to let users set up MFA, but conditionally allow it or disallow it based on certain criteria.

      Right now, with the hosted login pages, FusionAuth requires MFA every time (unless the user has set up MFA trust).

      How can I solve this?

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • dan
        dan last edited by

        You can't do this with the hosted login pages, but there is an issue to allow/disallow MFA on an application by application basis: https://github.com/FusionAuth/fusionauth-issues/issues/763

        Currently, you can't bypass MFA, but you can do an end run around by using the Login API.

        You can start multi factor with a code you provide: https://fusionauth.io/docs/v1/tech/apis/two-factor/#start-multi-factor

        Then complete the login process with that known code: https://fusionauth.io/docs/v1/tech/apis/login/#complete-multi-factor-authentication .

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • Topic has been marked as solved  dan dan 
        • First post
          Last post