This is the sample app for setting up Authy TOTP 2FA with Auth0
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin
public/stylesheets
routes
views
.gitignore
LICENSE
README.md
app.js
authy-mfa-wt.js
package.json
rule.js
run-wt

README.md

auth0-authy-sample-app

This is the sample app for setting up Authy TOTP 2FA with Auth0

Installation

  1. Install Dependencies
npm install
  1. Gather Credentials
  1. Create .env file with:
AUTH0_DOMAIN="[Your Auth0 Domain]"
AUTH0_CLIENT_ID="[Your Auth0 Client ID]"
AUTH0_CLIENT_SECRET="[Your Auth0 Client Secret]"
AUTH0_CALLBACK="http://localhost:3000/callback"
AUTHY_API_KEY="[Your Authy API Key]"
AUTH0_MANAGEMENT_TOKEN="[Your Auth0 Management API Token]"
  1. Modify wt-run script
#! /bin/bash

wt create --name authy-mfa --secret authy_api_key=[Your Authy API Key] --secret auth0_secret=[Your Auth0 Client Secret] --secret auth0_clientID=[Your Auth0 Client ID] --secret returnUrl=https://[Your Auth0 domain]/continue --output json --profile [Your Webtask.io Profile Name] authy-mfa-wt.js
  1. Make wt-run executable
> chmod +x wt-run
  1. install the webtask cli if you haven't already

  2. Deploy your webtask:

> ./wt-run
  1. modify rule.js
 var configuration = {
    CLIENT_ID: '[Your Auth0 Client ID]',
    CLIENT_SECRET: '[Your Auth0 Client Secret]',
    ISSUER: '[Your Auth0 Domain]'
  };
  1. open the rules tab in the dashboard, create a new rule, and paste the modified contents of rule.js into the editor window, and click 'Save'.

  2. Run the server

node bin/www
  1. navigate to http://localhost:3000 in your browser.

Caveat

There is a caveat with this project. If you're going to log into a social provider and use 2FA, you'll need to use your own dev keys with the social connection, or the rule will fail. Using email/password combination works just fine no matter the situation.