FusionAuth

    Best posts made by stephen.saucier 0

    • RE: Get list of enabled MFA methods, with methodId

      @dan

      Here's what I'm picturing:

      1. User opens mobile app.
      2. User clicks login button.
      3. User enters username and password into mobile app
      4. App hits the /oauth2/token endpoint with user/pass
      5. FA responds with twoFactorId and array of all enabled two factor methods, including the id of those methods
      6. App POSTs to /api/two-factor/send/{{twoFactorId}}, including the method ID from the above response in the body
      7. User sees OTP/code input screen & enters what they have received via email/SMS
      8. App sends the code to FusionAuth. It seems there isn't a way to do that via oauth endpoints (/api/two-factor/login seems like the only way to go).
      9. FusionAuth sends access/refresh tokens w/ user data back to app
      10. App user is now logged in

      We're now switching this over to /api/login instead, and we'll add every user to the application upon registration (which we hadn't been doing). I think that solves our issues. The question remains whether MFA can be used with OAuth login (steps 5 and 8 seem to indicate that it cannot).

      posted in Q&A
      stephen.saucier 0
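
The flow from the post above, moved to /api/login as the poster describes, as an added example that is not part of the original post and not FusionAuth's own code. It assumes /api/login answers an MFA-enabled account with status 242 and a body carrying `twoFactorId` and `methods` (check this against the API docs for your version); `post`, `FakeServer`, `demo` and all sample values are hypothetical or constructed.

```python
APP_ID = "00000000-0000-0000-0000-000000000001"  # constructed placeholder

def login_with_mfa(post, login_id, password, pick_method, read_code):
    """Run the login; `post(path, body) -> (status, json)` is a hypothetical transport."""
    status, body = post("/api/login", {"loginId": login_id, "password": password,
                                       "applicationId": APP_ID})
    if status == 200:
        return body  # no MFA challenge pending for this account
    if status != 242:  # assumption: 242 means "two-factor challenge required"
        raise PermissionError(f"login rejected with status {status}")
    two_factor_id = body["twoFactorId"]
    method = pick_method(body["methods"])
    if method["method"] in ("email", "sms"):  # authenticator apps need no send step
        status, _ = post(f"/api/two-factor/send/{two_factor_id}", {"methodId": method["id"]})
        if status != 200:
            raise RuntimeError(f"could not send code: status {status}")
    status, body = post("/api/two-factor/login", {"twoFactorId": two_factor_id,
                                                  "code": read_code(),
                                                  "applicationId": APP_ID})
    if status != 200:
        raise PermissionError(f"two-factor step rejected with status {status}")
    return body  # expected to hold the tokens and user data


class FakeServer:
    """Constructed stand-in for FusionAuth so the example runs offline."""
    def __init__(self):
        self.calls, self.code = [], None

    def post(self, path, body):
        self.calls.append(path)
        if path == "/api/login":
            return 242, {"twoFactorId": "tf-1", "methods": [
                {"id": "M1", "method": "email"}, {"id": "M2", "method": "sms"}]}
        if path == "/api/two-factor/send/tf-1" and body.get("methodId") in ("M1", "M2"):
            self.code = "123456"  # the value the user would receive out of band
            return 200, {}
        if path == "/api/two-factor/login" and self.code and body.get("code") == self.code:
            return 200, {"token": "constructed-access", "refreshToken": "constructed-refresh"}
        return 400, {}  # constructed failure status


def demo(code_typed):
    """Drive the flow against the fake server with the first offered method."""
    server = FakeServer()
    result = login_with_mfa(server.post, "user@example.com", "constructed-password",
                            lambda methods: methods[0], lambda: code_typed)
    return result, server.calls
```

The client treats any status other than 200 at the final step as a failed login, so a wrong or expired code never yields tokens.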