Open MikeAlhayek opened 1 year ago
Shouldn't disabling module enough?
No, you still need 2FA for local logins.
I see! So if you have mixed logins like local, azure, Google, Facebook etc and now the option will allow enable/disable 2FA per login provider?
@ns8482e yea because not all openId services support 2FA. I don't think there is anything indicate 2FA was used via openid response.
@kevinchalet is there a way to tell from the OpenId servers if 2FA was used? I know amr
claim will have 2fa value whrn 2fa is used during login. But, amr claim does not always indicate correct value like when a user choose to remember their device.
Anybody interested in looking into this any time soon?
Is your feature request related to a problem? Please describe.
If the app uses external service like Azure, Facebook, Google, or any other services, there should be an option in the 2FA settings to not require 2FA for these externally authorized users.
For example, services like Facebook, Azure or others may have 2FA process already in place.
@Piedone