Last active
May 14, 2020 19:08
-
-
Save saltukalakus/f3ce3f8e8f2d928f54ce1910522adb7e to your computer and use it in GitHub Desktop.
DUO replace username
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function (user, context, callback) { | |
| var CLIENTS_WITH_MFA = ['REPLACE_WITH_YOUR_CLIENT_ID']; | |
| // run only for the specified clients | |
| if (CLIENTS_WITH_MFA.indexOf(context.clientID) !== -1) { | |
| // uncomment the following if clause in case you want to request a second factor only from user's that have user_metadata.use_mfa === true | |
| // if (user.user_metadata && user.user_metadata.use_mfa){ | |
| context.multifactor = { | |
| //required | |
| provider: 'duo', | |
| ikey: 'DIXBMN...LZO8IOS8', | |
| skey: 'nZLxq8GK7....saKCOLPnh', | |
| host: 'api-3....049.duosecurity.com', | |
| // optional, defaults to true. Set to false to force DuoSecurity every time. | |
| // See https://auth0.com/docs/multifactor-authentication/custom#change-the-frequency-of-authentication-requests for details | |
| allowRememberBrowser: false, | |
| // optional. Use some attribute of the profile as the username in DuoSecurity. This is also useful if you already have your users enrolled in Duo. | |
| username: user.user_id.replace(/\|/ig, ''), | |
| // optional. Admin credentials. If you provide an Admin SDK type of credentials. auth0 will update the realname and email in DuoSecurity. | |
| // admin: { | |
| // ikey: 'DIAN...NV6UM', | |
| // skey: 'YL8OVzvoeeh...I1uiYrKoHvuzHnSRj' | |
| // }, | |
| }; | |
| // } | |
| } | |
| callback(null, user, context); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment