You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since I'm on a roll with questions and requests today, I think I'll ask one more. :-) Sorry.
Is there a way to have Kratos natively prompt the user to optionally create a 2FA method after a new identity is registered?
I would ideally like the user's registration flow to work like this:
User supplies email address and password (the email address is the user's identifier).
User verifies email address by submitting the OTP emailed to the address.
On successful verification, identity is registered and session cookie is issued.
(Before the registration flow ends) User is prompted to optionally set 2FA methods.
On completion or skip, user is redirected to my SPA.
I think I can get this done via the UI, but I'd rather not because it may require an aal2 stepup which would be annoying (and I don't want settings to be changed at aal1). I also don't want to deviate too much from the accepted Kratos way of doing things. I'm programming the UI as an SPA that uses no frameworks or libraries but, instead, is written in plain and broadly compatible JavaScript (it's lightning fast, and PageSpeed Insights loves it). I would hate to do something weird that would totally break and require the UI to be reprogrammed when Kratos is updated.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Since I'm on a roll with questions and requests today, I think I'll ask one more. :-) Sorry.
Is there a way to have Kratos natively prompt the user to optionally create a 2FA method after a new identity is registered?
I would ideally like the user's registration flow to work like this:
I think I can get this done via the UI, but I'd rather not because it may require an aal2 stepup which would be annoying (and I don't want settings to be changed at aal1). I also don't want to deviate too much from the accepted Kratos way of doing things. I'm programming the UI as an SPA that uses no frameworks or libraries but, instead, is written in plain and broadly compatible JavaScript (it's lightning fast, and PageSpeed Insights loves it). I would hate to do something weird that would totally break and require the UI to be reprogrammed when Kratos is updated.
Thanks!
Beta Was this translation helpful? Give feedback.
All reactions