Weak Multi-factor authentication
4 min




Multi-factor authentication (MFA) is essential in any application to enhance security by requiring multiple forms of verification from the user, reducing the risk of unauthorized access.

If you're using OIDC with PKCE and the Asgardeo SDK for login, you can easily add the necessary multi-factor authentication steps within the application configuration in WSO2 Identity Server. You can also implement conditional authentication logic to tailor the login process based on risk factors, without requiring any changes to the SDK—simply configure it in the WSO2 Identity Server console.

Figure: Sample authentication step configurations in Asgardeo

Additionally, WSO2 Identity Server offers App-Native authentication, allowing you to create your own user interfaces while handling authentication via REST APIs. In this case, you must follow the API specifications and incorporate all required MFA steps to complete the authentication process. If the authentication flow involves a federated IdP, you'll also need to manage IdP redirection accordingly.
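A client-side driver for the app-native flow described above, as an added example that is not code from WSO2 or the Asgardeo SDK. It treats the login as finished only when the server reports completion, and it surfaces a federated IdP step as a redirect. The field names and values (`flowStatus`, `nextStep`, `stepType`, `authenticators`, `authenticatorId`, `requiredParams`, `metadata.promptType`, `additionalData.redirectUrl`, `authData.code`) are assumptions to verify against the API specification, the `send` and `collect` callbacks are hypothetical, and the sketch is narrowed to steps that offer a single authenticator.

```javascript
// Added example, not WSO2 code. Field names are assumptions to check against the API spec.
// Map one server response to the next thing the app's own UI must do.
function nextAction(res) {
  if (res.flowStatus === 'SUCCESS_COMPLETED') {
    return { kind: 'complete', code: res.authData.code };
  }
  const step = res.nextStep;
  if (!step || step.stepType !== 'AUTHENTICATOR_PROMPT') {
    return { kind: 'unsupported', status: res.flowStatus };
  }
  const a = step.authenticators[0];
  const redirect = a.metadata.promptType === 'REDIRECTION_PROMPT';
  return {
    kind: redirect ? 'redirect' : 'prompt', // redirect = federated IdP step
    authenticatorId: a.authenticatorId,
    required: a.requiredParams,
    url: redirect ? a.metadata.additionalData.redirectUrl : null,
  };
}

// Walk every configured step; only SUCCESS_COMPLETED ends the login.
// send(body) posts to the authentication endpoint; collect(action) gets the required
// params from the user or the IdP callback. Both are hypothetical callbacks.
async function runFlow(first, send, collect, maxSteps = 8) {
  let res = first;
  for (let i = 0; i < maxSteps; i++) {
    const action = nextAction(res);
    if (action.kind === 'complete') return action.code;
    if (action.kind === 'unsupported') throw new Error('cannot continue: ' + action.status);
    const params = await collect(action);
    const missing = action.required.filter((p) => !(p in params));
    if (missing.length) throw new Error('missing params: ' + missing.join(','));
    const { authenticatorId } = action;
    res = await send({ flowId: first.flowId, selectedAuthenticator: { authenticatorId, params } });
  }
  throw new Error('flow did not complete within ' + maxSteps + ' steps');
}

// Constructed responses (not captured traffic): password step, TOTP step, completion.
const mkStep = (id, promptType, requiredParams, additionalData = {}) => ({
  flowId: 'flow-1', flowStatus: 'INCOMPLETE',
  nextStep: { stepType: 'AUTHENTICATOR_PROMPT', authenticators: [
    { authenticatorId: id, requiredParams, metadata: { promptType, additionalData } }] },
});
const SAMPLE = [
  mkStep('basic', 'USER_PROMPT', ['username', 'password']),
  mkStep('totp', 'USER_PROMPT', ['token']),
  { flowStatus: 'SUCCESS_COMPLETED', authData: { code: 'constructed-code' } },
];
```

A response that is still `INCOMPLETE` after the password step carries no authorization code, so the app has nothing to exchange for tokens until every configured MFA step has been answered.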