Multi-Factor Authentication
Add an additional layer of security to your application.
Multi-Factor Authentication (MFA) is an additional method of securing your application. MFA adds a layer of security during sign in that requires a user to provide an additional time-based one-time password (TOTP).
AuthKit will make the necessary API calls to handle first-time configuration of users’ MFA factors automatically, and validate one-time codes as part of the authentication flow.
MFA can be enabled in the Authentication section of the WorkOS Dashboard. New and existing users will be required to set up multi-factor authentication with an authenticator app that supports one-time passcodes before they can sign in.
The MFA requirement does not apply to SSO users.
If you’d prefer to build and manage your own authentication UI, you can do so via the User Management Multi-Factor API.
Examples of building custom UI are also available on GitHub.