- SuperTokens is not yet optimised for 2FA implementation, so you have to add a lot of customisations for it to work. We are working on improving the development experience for 2FA as well as adding more factors like TOTP. Stay tuned.
- A demo app that uses the pre built UI can be found on our GitHub.
- Add Email or SMS based OTP / magic link as a second factor auth.
- Allow access to APIs only if multi factor auth has been completed.
- Allow access to frontend routes only if multi factor auth has been completed.
- Use your custom UI or our pre built UI for the second factor auth.
See our example app on GitHub that uses NodeJS and React. It has email password + social login (thirdpartyemailpassword recipe) as the first factor, and SMS OTP (passwordless recipe) as the second factor
#New features in progress (not released yet)
- Optionally enable multi factor for users (based on their choice).
- Multi factor using TOTP (Google authenticator app).
- Backup recovery codes.
- Step up auth