MFA fusionAuth e Identity Provider google
-
Hi, when using MFA Authenticator, and activating the Google Identity Provider, the authentication challenge does not appear. Only the Authentication challenge appears for the own login of local users in FusionAuth.
What do I need to configure additionally? -
It sounds like you want to let users log in with Google, but when they return, be challenged for another factor of authentication?
In general FusionAuth treats identity providers such as google as 'the source of truth' when they are configured. That means FusionAuth trusts that the identity provider has done all the checks they need to do to ensure the user is who they say they are (including MFA). So when FusionAuth gets a successful response from the provider, it won't prompt for anything else.
You could set up step up authentication in your application to force the user to go through MFA: https://fusionauth.io/docs/v1/tech/guides/multi-factor-authentication#step-up-auth
Hope this helps.