Configure Push Notifications for MFA
The Guardian SDKs for iOS and Android allow you to use a custom-built app for vendor-specific push notification services. You can configure push notifications for the AWS Simple Notification Service (SNS) platform or use Direct to Vendor services to add Firebase Cloud Messaging (FCM) and Apple Push Notification (APN) credentials directly in Auth0.
AWS SNS Configuration
Before you configure push notifications, follow the prerequisites below:
Create an SNS Platform Application using AWS Management console and note it’s ARN.
Create an AWS Access Key ID authorized to create Platform Application endpoints. Guardian automatically creates a Platform Application endpoint with an appropriate device token as part of a successful enrollment.
Configure push notifications with AWS SNS
To receive push notifications from Guardian, it's necessary to override Guardian's default SNS settings.
Go to Dashboard > Security > Multi-factor Auth and click on Push via Auth0 Guardian. Click the toggle if it is not yet enabled.
Click the down-arrow next to Use a Custom App. The settings page expands.
Choose Amazon SNS
Under Amazon SNS Configuration, enter your AWS Access Key ID and ARN from the AWS Management Console.
Field Description AWS Access Key ID Your AWS Access Key ID. AWS Secret Access Key Your AWS Secret Access Key. AWS Region Your AWS application's region. APNS ARN The Amazon Resource Name for your Apple Push Notification Service. FCM ARN The Amazon Resource Name for your Firebase Cloud Messaging Service. Click Enable.
Configure push notifications for Android using FCM
Update the default SNS settings in Guardian to receive push notifications.
Go to Dashboard > Security > Multi-factor Auth and click on Push via Auth0 Guardian. Click the toggle if it is not yet enabled.
Click the down-arrow next to Use a Custom App. The settings page expands.
Choose Platform Specific.
Under Android App Configuration, enter your FCM credentials.
Field Description Enable Android App Enables the Auth0 to send push notifications to your custom application. If this is not enabled then push notifications will not be sent. Google Play Store URL Specify the link of your custom application to be used when users need to first download your application to configure MFA. FCM Server Key Credential key from Android FCM Click Enable.
Configure push notifications for Apple using APNs
Get APN certificate
Generate a new APN certificate from your Apple developer account.
Install the certificate locally.
Find the Apple Sandbox Push Services: {AppId} certificate in your Keychain Access.
Export the certificate and the associated private key to a P12 file without a password (default name:
Certificates.p12
).To generate a P12 file using Triple DES instead of RC2, run
openssl pkcs12 -in Certificates.p12 -nocerts -nodes -out pk.pem -passin pass:"" && openssl pkcs12 -in Certificates.p12 -nokeys -out cert.crt -passin pass:"" && openssl pkcs12 -export -inkey pk.pem -in cert.crt -descert -out Certificate_3des.p12 -passout pass:"" && rm pk.pem cert.crt
Was this helpful?
/Delete
Certificates.p12
and useCertificate_3des.p12
as the APN certificate in the Auth0 Dashboard.
Configure Auth0 Dashboard
Go to Dashboard > Security > Multi-factor Auth and click on Push via Auth0 Guardian. Click the toggle if it is not yet enabled.
Click the down-arrow next to Use a Custom App. The settings page expands.
Choose Platform Specific.
Under iOS App Configuration, enter your APN credentials.
Field Description Enable iOS App Enables the Auth0 to send push notifications to your custom application. If this is not enabled then push notifications will not be sent. Apple App Store URL Specify the link of your custom application to be used when users need to first download your application to configure MFA. APNs Bundle ID Provided by iOS Developer Console. APNs Certificate P12 certificate. iOS App Environment Set this based on your configuration within your Apple developer account. Click Enable.