Guardian example

Example for Guardian configuration and transaction API

Setup

You need to setup the following variable on your server in order for this example to work

AUTH0_API_TOKEN: 'See https://auth.com/docs/api/management/v2',
AUTH0_DOMAIN: '{tenant}.auth0.com',
AUTH0_SECRET: 'Client secret: DON\'T NOT COMMIT TO GIT REPO',
AUTH0_CLIENT: 'Client id',
AUTH0_TENANT: 'Name of your tenant',
AUTH0_REGION: 'au|us|eu',
COOKIE_SECRET: 'Secret to sign generated cookies DON\'T NOT COMMIT TO GIT REPO',
MY_API_SECRET: 'Secret to sign your own tokens DON\'T NOT COMMIT TO GIT REPO'

Multifactor rule

Activate Guardian an use the following multifactor rule

function (user, context, callback) {
  if (user.user_metadata && user.user_metadata.use_mfa === false){
    return callback(null, user, context);
  }

  context.multifactor = {
    provider: 'guardian', //required
    ignoreCookie: true, // optional. Force Auth0 MFA everytime this rule runs. Defaults to false. if accepted by users the cookie lasts for 30 days (this cannot be changed)
  };

  return callback(null, user, context);
}

Name		Name	Last commit message	Last commit date
Latest commit History 36 Commits
api		api
client		client
config		config
lib		lib
public		public
readme.d		readme.d
test		test
.babelrc		.babelrc
.eslintrc		.eslintrc
.gitignore		.gitignore
README.md		README.md
opslevel.yml		opslevel.yml
package.json		package.json
server.js		server.js
webpack.config.js		webpack.config.js

auth0/guardian-example

Folders and files

Latest commit

History

Repository files navigation

Guardian example

Setup

Multifactor rule

User profile

MFA Configuration

Step up / Require login

About

Resources

Security policy

Stars

Watchers

Forks

Languages