fusionauth-issues icon indicating copy to clipboard operation
fusionauth-issues copied to clipboard
verified publisher icon FusionAuth

Context: hosted pages with required MFA policy set -- do not expose option to allow for MFA trust on setup

Open jobannon opened this issue 1 year ago • 1 comments

Description

If MFA is required (Tenant Policy or Application), when the user setup's up their MFA for the first time, they should also be able to obtain trust for 30 days (we should expose a checkbox - see existing in screenshot).

Observed versions

1.48.2

Steps to reproduce

Steps to reproduce the behavior:

  1. Log into an application
  2. Be required to setup MFA device by FusionAuth hosted workflows
  3. Not see an option to enable MFA bypass for 30 days on that browser/device when initially setting up MFA

Expected behavior

There should be an option to bypass MFA for 30 days when the user first sets up MFA.

Screenshots

image

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

Additional context

Add any other context about the problem here.

jobannon avatar May 24 '24 21:05 jobannon

I assume this is working as designed.

So technically we are enabling 2FA here, we are not completing a 2FA login. Perhaps the user doesn't care - but to make this work how you are proposing, we'd need the enable 2FA to return a device trust.

Is the issue that you have to wait until the next time you sign in to check the box?

robotdan avatar Jun 07 '24 02:06 robotdan

@robotdan Missed your comment here --

Is the issue that you have to wait until the next time you sign in to check the box? Yes. Might be nice as an optional thing, but there could be a few edge cases to consider to make it all work

jobannon avatar Aug 01 '24 18:08 jobannon