Topics created by hanumant.sidraya

@hanumant-sidraya Can you please clear up a few things.

It sounds like you have customers that have their own IdP. When you say "the customer has exposed the API for authentication.", what does that mean. They have an API that can confirm their identity?

If you have the APIs and authentication working with the customer's IdP, have you tried enabling the Two Factor Authentication for the user? Go to your user details screen in FusionAuth and then click 'Enable Two Factor' from the dropdown in the upper right hand corner?

For more details, you can refer to the Two Factor API documentation and the Enable Multi-Factor Authentication API documentation.

I have absolutely the same problem.
Installation on Windows 10.

@hanumant-sidraya

Do you mean you want to deactivate all users who were authenticating with a given connector? This is not a typical use case, so you'll need to write some code to do this.

If so, then I'd script the removal of the connector and at the same time mark all users associated with that connector as inactive (or you could hard delete them if you want).

The connectorId is not one of the searchable attributes for users, so the easiest way to do this would be to have your custom connector set an attribute on the user.data field, something like user.data.authDataSource = clientXYZ or similar.

Then you could query for all users with that user.data value and deactivate or delete them.

Hope that helps.

You should be able to return the two factor JSON as documented in the user response object. Have you tried doing that?

user.twoFactor.methods[x].authenticator.algorithm and others.

@joshua I believe one reason MFA cannot be supported for non-migrated users is that their details are overwritten with every login.

However, if the source application could retain these details and transmit them through a connector, could it be possible to support MFA?

@hanumant-sidraya

🎉 🙂