We are trying to set up 2FA on our app based on the instructions provided here
The plugin/feature was installed from Marketplace
The Users table has the additional columns
When we try to register a user using the register endpoint of the UserService.
We get the following response
- the transaction id is not present,
- the twoFA_secret and twoFA_qrURL is null.
- Only twoFactorAuthentication is set to true
Without these we cant proceed to the next step.
Request
Response
Instead of Registering with 2FA we also tried enabling 2FA for an existing user using the /enable2fa PUT method
In the response we get the totpQR_Path and totpSecretKey and adding the key to the Authenticator works.
There is no transaction id provided here which is as per your documentation. But the user record in the database still has twoFactorAuthentication = False
If we try to login as the user, the response does not have a transaction id that can use to carry out 2fa with the /auth POST endpoint as it requires the transaction id and the authenticator code.
We manually updated twoFactorAuthentication = True and tried to login again, it still does not provide a transaction id.
Could you please let us know what are we doing incorrectly and what changes are needed to make this work on our app?
Thanks
Fabio