Java Spring Security Multifactor Authentication

Sample Project

Download this sample project configured with your Auth0 API Keys.

System Requirements
  • Java 7 or above
  • Maven 3.0.x or above
Show requirements

Multifactor authentication (MFA) is an important method for adding an extra layer of security to your authentication flow. With MFA enabled in your Auth0 account, the process to grant user access to your application will require an additional verification step. In addition to a username / password combination, a verification code generated by a mobile application or sent by SMS will be required. Currently Auth0 supports Auth0 Guardian, Google Authenticator and Duo. For more details, see: Multifactor Authentication in Auth0.

In this tutorial you will learn how to enable MFA in the Spring Security application you created in the previous steps.

Enable Multifactor Authentication in Your Account

To enable the Auth0 MFA feature, open the Multifactor Auth With Guardian page and enable the Push Notifications option as shown below:

dashboard MFA with push notification enabled

Click Save and you are ready to test Multifactor authentication in your application.

Login

There is no need to update the code you created in the Login step of this tutorial. As soon as a user initiates sign-in they will be prompted to install a second-factor authenticator application (Auth0 Guardian is the default).

guardian screen

For detailed instructions on using Guardian to authenticate users, see: How to Use the Guardian App.

For advanced management of the multifactor authentication for your users, see Step-up Authentication.

Previous Tutorial
4. Rules
Use Auth0 for FREECreate free Account