Common questions (and answers to those questions) that might arise when implementing Hosted Login v2 and two-factor authentication.
2FA screens don't appear as expected
A few things to check: Are you using Hosted Login v2? Have you enabled two-factor authentication? Are you using the right OpenID Connect login client?
2FA seems to have stopped working
Often-times this simply means that your users are logging on with trusted devices. Try changing the authentication.second_factor.trust_device_ttl client setting value and see what happens.
Prevent users from trusting their devices
Simply hide the Trust this device for future logins checkbox.
New users must verify their email address twice
This typically occurs because you enabled two-factor authentication without also updating the traditional registration and social registration forms.
Users can't get their access codes by text message
Users can’t get an access code sent via text message unless those users have a verified mobile device number in their user profile.
Users are unable to trust a device
This usually means that the authentication.second_factor.trust_device_ttl application client setting is set to 0.
Users don't see the "Back to App" button
Two possible reasons for this: 1) you aren’t running Hosted Login v2; or, 2) you didn’t include the redirect_uri in the link users click to open their user profiles.
A trusted device still goes through 2FA
This could be because the user isn’t actually logging on from a trusted device. Alternatively, the trusted device lifetime could have expired.
Updated about 1 year ago