Self Service Account Management
This is a paid edition feature and is unavailable in the community edition. Please visit our pricing page to learn more about paid editions.
Available since 1.26.0
FusionAuth self-service account management allows users to manage their accounts, including the ability to add Multi-factor Authentication (MFA). This documentation section covers:
A Note About User Images in this Documentation
Throughout this self service account management section we will use:
Richard Hendricks for any
user facing actions. Imagine Richard is a user on your site, trying to enable MFA for his account, or update his profile data.
Erlich Bachman for any
admin facing actions. Imagine Erlich is you or a customer service rep at your company.
Finding the Self Service Page
To view the account and self service pages, login as an admin and navigate toand click on the icon to view the application details.
From here copy and paste the account URL into a browser. Use a different browser than the one you are using to access the FusionAuth administrative user interface, or use your browser in incognito mode.
In a real world application this link would be part of the navigation for your application.
Before accessing the account you will be asked to log in. Make sure the user you log in with is registered for this application.
Update User Data and Password
FusionAuth Self Service Account Management allows users to easily update their user data and passwords. To adjust user profile data, click on the edit icon in the upper corner. From there a user will be presented with editable fields for user data and their password.
More information about updating user data and passwords can be found in the Updating User Data and Password section.
Enable or Disable MFA as a User
From click on Manage Two Factor
On this screen you can add Two Factor methods.
Current supported MFA types are:
TOTP / Authenticator Apps
If you are not seeing this screen, you may need additional configuration. Please see troubleshooting steps.
You can click on the links below for more about setting up each MFA method.
You might be wondering, what is the difference between multi-factor authentication (MFA) and two factor authentication (2FA)? First, a factor is anything a user has, is or provides which proves who they are. The end goal of authentication, after all, is to be assured that whoever is behind a request is who they say they are.
When a system can support more than one method of authentication, it supports MFA. For example, FusionAuth supports a code sent to a phone or email and a time-based one-time password (TOTP) based on a shared secret stored in Google Authenticator or another similar application.
2FA typically occurs when a user provides two factors at the moment of login. In FusionAuth, one of those factors will always be a password.
Please note that once an authenticator is enabled, users will be displayed recovery codes similar to what is shown below.
Please encourage your users to save these in a secure location, as they can be used to recover an account, should one of their second factors fail to be available. For example, if an email or sms service is "down" and users still want to use your application, or if a user loses their phone, a recovery code allows access.
How helpful was this page?