Unable to access two factor secret once the new user is registered

[Platinate]

Hello,

I'm using FusionAuth to securize my application but I have a problem when registering a user. When I'm registering a user I'm generating a secret through the API and store it in the corresponding property.

var secretResponse = await _client.GenerateTwoFactorSecretAsync();
if (!secretResponse.WasSuccessful()) throw new Exception("Couldn't generate secret");
var data = new Dictionary<string, object>
{
  { "SecretBase32Encoded", secretResponse.successResponse.secretBase32Encoded }
};
var faUser = new User{
  username = username,
  email = email,
  password = password,
  firstName = fName,
  lastName = lName,
  fullName = $"{fName} {lName}",
  id = newUserId,
  twoFactorEnabled = true,
  twoFactorSecret = secretResponse.successResponse.secretBase32Encoded,
  data = data
};

The registration is going well but when I try to access the secret by getting the user through this then the secret is null.

var userResponse = await _client.RetrieveUserByLoginIdAsync(request.loginId)
if (!userResponse.WasSuccessful())
  throw new Exception("Couldn't retrieve user");
userResponse.successResponse.user.twoFactorSecret // IS NULL

For now I'm found a work around by storing the secret into the user data but I was curious to know if there was a better solution.

Thanks again and best regards

[mooreds]

Hiya,

I'm not sure I understand. From the API docs, the twoFactorSecret is The Base64 encoded secret used to generate Two Factor verification codes. So it's not a general purpose secret.

So you generate the secret and send it up to FusionAuth when the user is created. But after two factor is enabled you shouldn't need it any more.

Have you seen this documentation: https://fusionauth.io/docs/v1/tech/tutorials/two-factor/authenticator-app

Let me know if I don't understand what you are asking; perhaps I'm missing something.

[ColinFrick]

@synedra This can be closed.