Versions Compared

Old Version 1

changes.mady.by.user Chitra Borker (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Chitra Borker (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

MFA User Workflow

Image Removed

How to turn on MFA

  1. Go to Security → Multi-factor Auth in the sidebar

  2. Enable the following:

    1. One-time Password

    2. Email

    3. Recovery Code

  3. Go to Auth Pipeline → Rules in the sidebar

  4. Hit “Create” button

  5. Pick “Multifactor Authentication” template

  6. Make changes to fit your needs

  7. Verify

Commit the changes to https://github.com/soulmachines/auth0-manual-configurations

Enable MFA for an organization

  1. Go to Auth Pipeline → Rules

  2. Click “Multifactor Authentication”

  3. Add the organization id in array mfaEnabledOrgs and save

How to update Email MFA template

  1. Go to Branding → Email Templates

  2. Select “Verification code for Email MFA” from the dropdown

  3. Make changes to fit your needs

  4. Verify

Commit the changes to https://github.com/soulmachines/auth0-branding-customizations

How to reset MFA

  1. Go to User Management → Users in the sidebar

  2. Find the user

  3. Reset MFA in either way:

    1. From Actions dropdown, select Reset Multi-factor

    2. Scroll down and find Multi-Factor Authentication section, click “Reset MFA”

After performing the steps above, Email MFA stays but we can leave it because we use email as primary identifier, there is no need to reset it.

Reset MFA internal workflow

The internal workflow for resetting MFA is the following:

  • Customer contacts support

  • Support contacts production auth0 admins (Hidenari / Kai / Tim)

  • Auth0 admins perform the reset

    • Support contacts customer

    We can set up Multi-factor Authentication (MFA) for your organization to securely access Digital DNA Studio. MFA works by requiring additional verification information to login to any application. Users can't log in using only user names and passwords, they must provide further proof of identity. An authentication app, such as Google Authenticator, Okta Verfiy etc, is mandatory. The users will not be able to sign up without an authentication app.

    We support the following types of MFA:

    • One-time password with application (default)

    • One-time password with email address

    • Recovery codes

    Email and recovery codes are meant to backup authentication apps if the device is unable to authenticate. But without the app, you cannot sign up to use MFA.

    MFA User Workflow

    Image Added

    Request to enable MFA

    If you require this feature to be turned on for your organization, please get in touch with Trisha Tripathi (Deactivated).

    Support

    If you require support for resetting MFA, please raise a support ticket.

    Contents

    Table of Contents