Multi-Factor Authentication
Multi-factor authentication (MFA) enhances security by requiring users to provide two or more verification factors prior to accessing their account, greatly reducing the likelihood of account compromise.
API Objects & Endpoints
API Resources | Description |
|---|---|
A top-level tenant that groups members, auth settings, roles, and other identity configurations. | |
Represents an authenticated user who is a member of a specific Organization. | |
A collection of endpoints for enrolling in and performing MFA with SMS OTPs. | |
A collection of endpoints for enrolling in and performing MFA with authenticator apps using TOTP. | |
A managed session that tracks a Member's logged-in state using JWTs or session tokens. |
How it works
Stytch supports two different methods of secondary authentication:
- SMS One-time passcodes (OTPs)
- Authenticator app Time-based One-time passcodes (TOTPs)
Stytch handles:
Enforced enrollment in MFA based on the Organization's MFA Policy (optional or required, allowed secondary methods)
Optional enrollment in MFA, even if Organization does not require it
Enforcing that MFA requirements for the Member and Organization have been met prior to a Session being issued