iOS-Swift Multifactor Authentication

Sample Project

Download this sample project configured with your Auth0 API Keys.

System Requirements
  • CocoaPods 1.0.0
  • XCode 7.3 (7D175)
  • iPhone 6 - iOS 9.3 (13E230)
Show requirements

Enable Multifactor Auth in Your Client

First, you have to enable the MFA feature in your account. Go to the MFA configuration page and turn the Google Authenticator switch on, under the Choose a Provider section.

MFA Rule Screenshot

MFA for native apps currently supports Google Authenticator only.

Then, you have to specify on which clients you want to enable MFA; you accomplish this by editing the snippet that appears below, replacing the placeholder with your actual client ids.

MFA Rule Screenshot

Make sure this line looks like this:

var CLIENTS_WITH_MFA = ['YOUR_CLIENT_ID'];

If you want to use MFA in all of your clients, the easiest you can do is disabling this conditional in the script:

if (CLIENTS_WITH_MFA.indexOf(context.clientID) !== -1)

Make sure you hit the save button.

Configure the Flags

To enable multifactor authentication and enrollment in your database connection, you must set the options.mfa.active andoptions.mfa.return_enroll_settings flags using the PATCH /api/v2/connections/:id endpoint.

First, go to Database Connections and select the database you want to use MFA on.

Then, copy the database id from the URL of the Settings page of your database. It will be in the form: con_xxxxxxxxxxxxxxxx.

MFA Rule Screenshot

Also, make sure that your client is enabled for this database:

MFA Rule Screenshot

After that, go to the PATCH /api/v2/connections/:id endpoint.

Patch Connections

On the top left, select the connections: update scope.

In the id field, enter the connection id you previously obtained (con_xxxxxxxxxxxxxxxx).

In the body field, enter the following:

{
 "options": {
    "mfa": { "active" : true, "return_enroll_settings" : true }
},
 "enabled_clients": [
   "YOUR_CLIENT_ID"
 ]
}

Click TRY to call the API and effectively set the flags. You should receive a response similar to this:

{
  "id": "con_xxxxxxxxxxxxxxxx",
  "options": {
    "mfa": {
      "active": true,
      "return_enroll_settings": true
    },
    "brute_force_protection": true
  },
  "strategy": "auth0",
  "name": "Username-Password-Authentication",
  "enabled_clients": [
    "YOUR_CLIENT_ID"
  ]
}

Test Multifactor Auth

Now, you can run the simulator in your project and sign-in to your Auth0 app with MFA.

  1. In XCode, run your project using the simulator.

  2. Click Sign-in:

    Simulator

  3. Select a provider (Google in this example):

    Simulator

  4. Scan the QR code with Google Authenticator:

    Simulator

  5. Enter the code provided by Google Authenticator:

    Simulator

  6. You're in!

    Simulator

Previous Tutorial
9. Calling APIs
Use Auth0 for FREECreate free Account