Original post written by Geoffrey Goodman and Oliver Wang for Auth0 blog.
Customers can now add custom prompts or factors in their post-login flow.
We are excited to share that our customers that use Actions - Auth0’s flagship extensibility product - can now add custom prompts or factors in their post-login flow. This enables developers and partners to confidently record the completion of a factor upon returning after a custom redirect. Auth0 delivers more tools, features, and options for developers to give them the support and capabilities they need to customize their customer’s experience through pro-code flexibility.
We have introduced a new method to the API of post-login Actions when continuing the flow after a successful custom redirect. This method allows a customer and/or partner to store the completion of that custom factor right in the user’s session. What is powerful about this is that they can then check whether that customer record is in a user session in each login and skip that prompt if it’s there already. Because it’s stored in the user session itself, it benefits from any current and future session management features within the Auth0 product offering.
What Is the Problem We Are Solving?
Historically, there was no good way for customers to use Actions to securely implement custom prompts or custom factors in a user-friendly way. They could use user metadata or application metadata, but those objects exist across all user sessions. There was also no good way for customers or partners to see whether a user on a specific device had completed the necessary factors to login. This meant forcing users to re-perform the custom prompt or factor more often than necessary.
As an example, let's say you’re a developer for a banking app that has a special requirement to use a custom multi-factor authentication service, and you want that authentication to be associated with a user's session and or device for added security. That is where the ability to add a custom prompt enables you to build that customer experience and address that need.
See It in the Real Example!
Let's take a look at a real example! Below is a sample Actions code for a Partner Integration implementing a custom authentication factor.
Top comments (0)