How can I let the user disable/unlink an MFA authenticator?
I have 2 scenarios in mind:
1. optional MFA
- I setup optional MFA in the Kinde dashbord
- a user sets up an authentication factor using an authenticator app
- after a while the user wants to change authenticator, which requires to unlink the current one
- how does the user unlinks the authenticator?
2. required MFA
- I allows users to choose between 2 methods (one needs to be an authenticator app)
- a user sets up the authenticator app
- after a while the user wants to change factor, e.g. from authenticator to SMS unlinking the authenticator app
- how does the user unlinks the authenticator?
Thank you!
5 Replies
Hey @GabriFila,
Thanks for reaching out.
In both cases, the user's MFA setup will need to be reset.
See the following doc on how to reset MFA: https://docs.kinde.com/manage-users/access-control/reset-multi-factor-authentication-for-a-user/
Let me know if you have any other questions.
Kinde docs
Reset multi-factor authentication for a user
Our developer tools provide everything you need to get started with Kinde.
Hi!
Thank you.
Is there a way to perform this action programmatically using the Kinde management API?
Hey @GabriFila,
At the moment, there is no way to reset MFA for a user via the Kinde management API, but in all honesty, there should be.
I will speak to my about about this tomorrow and get back to you.
Hey @GabriFila,
Apologies.
Still discussing this internally with my team.
Hey @GabriFila and @GabriFila,
My team and I have agreed to prioritise adding API endpoints, to the Kinde Management API, that will allow you to reset a specified user's MFA.
This will allow you to programmatically reset a user's MFA using the Kinde management API.
I will let yuou know when this change is live.
Hi, (sorry I didn't noteice I used my personal account)
Thanks for the info!
My pleasure