Google Authenticator for Developers

Enabling Google Authenticator for MFA

To turn on Google Authenticator for two-step verification, first visit the Multifactor Auth page from the dashboard. Then click on the link to use a different provider.

Then you can use the slider to turn on Google Authenticator.

Customize Google Authenticator

Once you have turned on Google Authenticator, the portal displays a code editing textbox containing the following code snippet for you to use:

function (user, context, callback) {

  // run only for the specified clients
  if (CLIENTS_WITH_MFA.indexOf(context.clientID) !== -1) {
    // uncomment the following if clause in case you want to request a second factor only from user's that have user_metadata.use_mfa === true
    // if (user.user_metadata && user.user_metadata.use_mfa){
      context.multifactor = {
        provider: 'google-authenticator',
        // issuer: 'Label on Google Authenticator App', // optional
        // key: 'YOUR_KEY_HERE', //  optional, the key to use for TOTP. by default one is generated for you

        // optional, defaults to true. Set to false to force Google Authenticator every time.
        // See for details
        allowRememberBrowser: false
    // }

  callback(null, user, context);

When you have finished editing the code snippet based on the requirements of your app, click Save.

Screen customization

At this time Google Authenticator does not allow any customizations to the look and feel of the Google Authenticator screens. For other customization options see Auth0 Guardian.

Configuring Google Authenticator for Select Users

You may choose to enable Google Authenticator only for select users. Within the Customize MFA code snippet, you may include the conditions for Google Authenticator is enabled.

For example, suppose you want to omit MFA for all users signing in from the domain.

function (user, context, callback) {

    if (context.connection !== ''){
        context.multifactor = {
            provider: 'google-authenticator', //required

    callback(null, user, context);

Once you have finished making your desired changes, click SAVE so that they persist.

Was this article helpful?