mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-14 03:54:21 +00:00
fb2b1610f9
# Which Problems Are Solved Request to the ZITADEL API currently require multi factor authentication if the user has set up any second factor. However, the login UI will only prompt the user to check factors that are allowed by the login policy. This can lead to situations, where the user has set up a factor (e.g. some OTP) which was not allowed by the policy, therefore will not have to verify the factor, the ZITADEL API however will require the check since the user has set it up. # How the Problems Are Solved The requirement for multi factor authentication based on the user's authentication methods is removed when accessing the ZITADEL APIs. Those requests will only require MFA in case the login policy does so because of `requireMFA` or `requireMFAForLocalUsers`. # Additional Changes None. # Additional Context - a customer reached out to support - discussed internally - relates #7822 - backport to 2.53.x |
||
---|---|---|
.. | ||
server.go | ||
session_integration_test.go | ||
session_test.go | ||
session.go |