Ruby On Rails Multifactor Authentication
Download a sample project specific to this tutorial configured with your Auth0 API Keys.
- Ruby 2.3.1
- Rails 5.0.0
Multifactor authentication (MFA) is an important method for adding an extra layer of security to your authentication flow. With MFA enabled in your Auth0 account, the process to grant user access to your application will require an additional verification step. In addition to a username/password combination, a verification code generated by a mobile application or sent by SMS will be required. Currently, Auth0 supports Auth0 Guardian, Google Authenticator and Duo. For more details, see Multifactor Authentication in Auth0.
On this tutorial, you'll learn how to enable MFA in the Rails application created in the Login step.
Enable Multifactor Authentication in Your Account
To enable the Auth0 MFA feature, open the Multifactor Auth With Guardian page and enable the Push Notifications option as shown below:
Click Save and you are ready to test Multifactor authentication in your application.
There is no need to update the code you created in the Login step of this tutorial. As soon as a user initiates sign-in they will be prompted to install a second-factor authenticator application (Auth0 Guardian is the default).
For detailed instructions on using Guardian to authenticate users, see: How to Use the Guardian App.
For advanced management of the multifactor authentication for your users, see Step-up Authentication.