Add policy to enforce MFA for specific users using a lambda, group or other mechanism #2285

Open
@mangeshparanjape

It’s not possible to enforce MFA for a certain group of users. Currently it can only be controlled at the Tenant and Application levels.

Description

Currently it is not possible to enforce MFA at the user level using the API. We are looking for functionality to enforce MFA from the backend or when users opt in to turn MFA on themselves; users will then be prompted to set up MFA during the hosted login workflow.

So the workflow would be:

  1. MFA is enforced from our application backend for certain users, or turned on by users themselves from our application's user preference screen.
  2. The user logs in using the hosted login workflow.
  3. Before redirecting back to the application after a successful login, if MFA is activated for the user, the user will be redirected to the QR code page (the OAuth two-factor enable page in the theme), where the user can configure Google Authenticator and set up two-factor.
  4. Validate with the code from the authenticator and continue.
