Example for Guardian configuration

Guardian example

Example for Guardian configuration and transaction API

Setup

You need to set up the following variables on your server for this example to work:

AUTH0_API_TOKEN: 'See https://auth.com/docs/api/management/v2',
AUTH0_DOMAIN: '{tenant}.auth0.com',
AUTH0_SECRET: 'Client secret: DO NOT COMMIT TO GIT REPO',
AUTH0_CLIENT: 'Client id',
AUTH0_TENANT: 'Name of your tenant',
AUTH0_REGION: 'au|us|eu',
COOKIE_SECRET: 'Secret to sign generated cookies: DO NOT COMMIT TO GIT REPO',
MY_API_SECRET: 'Secret to sign your own tokens: DO NOT COMMIT TO GIT REPO'

Multifactor rule

Activate Guardian and use the following multifactor rule:

function (user, context, callback) {
  // Skip MFA only for users whose profile explicitly sets use_mfa to false.
  if (user.user_metadata && user.user_metadata.use_mfa === false) {
    return callback(null, user, context);
  }

  // Everyone else is sent through Guardian.
  context.multifactor = {
    provider: 'guardian', // required
    // optional. Forces Auth0 MFA every time this rule runs. Defaults to false.
    // If accepted by users, the cookie lasts for 30 days (this cannot be changed).
    ignoreCookie: true,
  };

  return callback(null, user, context);
}
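
The harness below is an added example, not part of this repository: it runs the rule above against constructed user profiles to show that only a strict boolean `user_metadata.use_mfa === false` skips Guardian, and every other value falls through to MFA. The names `guardianRule`, `requiresMfa`, `cases` and `runCases` and the sample profiles are hypothetical.

```javascript
// Rule body copied from the README above, given a name so it can be called.
function guardianRule(user, context, callback) {
  if (user.user_metadata && user.user_metadata.use_mfa === false) {
    return callback(null, user, context);
  }
  context.multifactor = { provider: 'guardian', ignoreCookie: true };
  return callback(null, user, context);
}

// Hypothetical harness: call a rule with a fresh context and a node-style
// callback, and report whether it requested Guardian MFA for this login.
function requiresMfa(rule, user) {
  let result;
  rule(user, {}, (err, _user, context) => {
    if (err) throw err;
    result = Boolean(context.multifactor && context.multifactor.provider === 'guardian');
  });
  if (result === undefined) throw new Error('rule never called back');
  return result;
}

// Constructed profiles: [label, user, MFA expected?]
const cases = [
  ['no user_metadata', {}, true],
  ['empty user_metadata', { user_metadata: {} }, true],
  ['use_mfa: true', { user_metadata: { use_mfa: true } }, true],
  ['use_mfa: false', { user_metadata: { use_mfa: false } }, false],
  // Values that merely look falsy must not disable MFA.
  ['use_mfa: "false" (string)', { user_metadata: { use_mfa: 'false' } }, true],
  ['use_mfa: 0', { user_metadata: { use_mfa: 0 } }, true],
  ['use_mfa: null', { user_metadata: { use_mfa: null } }, true],
];

// Evaluate every case and record whether the rule behaved as expected.
function runCases() {
  return cases.map(([label, user, expected]) => {
    const actual = requiresMfa(guardianRule, user);
    return { label, expected, actual, ok: actual === expected };
  });
}

for (const r of runCases()) {
  console.log(`${r.ok ? 'ok  ' : 'FAIL'} ${r.label}: MFA ${r.actual ? 'required' : 'skipped'}`);
}
```

Running it with Node prints one line per profile; a change to the rule that widens the opt-out condition shows up as a `FAIL` line.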

User profile

[Screenshot: User profile]

MFA Configuration

[Screenshot: MFA Configuration]

Step up / Require login

[Screenshot: Step up]