Allow certain MFA methods to make a session privileged #2284
Labels
feat
New feature or request.
Comments
aeneasr
added a commit
that referenced
this issue
Mar 5, 2022
This change introduces the ability to refresh a session (for example when entering "sudo" mode") using WebAuthn credentials. In this case, it does not matter whether the WebAuthN credentials are for MFA or passwordless flows. Closes #2284
aeneasr
added a commit
that referenced
this issue
Mar 6, 2022
This change introduces the ability to refresh a session (for example when entering "sudo" mode") using WebAuthn credentials. In this case, it does not matter whether the WebAuthN credentials are for MFA or passwordless flows. Closes #2284
aeneasr
added a commit
that referenced
this issue
Mar 6, 2022
This change introduces the ability to refresh a session (for example when entering "sudo" mode") using WebAuthn credentials. In this case, it does not matter whether the WebAuthN credentials are for MFA or passwordless flows. Closes #2284
peturgeorgievv
pushed a commit
to senteca/kratos-fork
that referenced
this issue
Jun 30, 2023
This change introduces the ability to refresh a session (for example when entering "sudo" mode") using WebAuthn credentials. In this case, it does not matter whether the WebAuthN credentials are for MFA or passwordless flows. Closes ory#2284
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Preflight checklist
Describe your problem
Currently, confirming privileged actions such as updating ones email requires a privileged session. Currently, only first factor authentication methods can be used to make the session privileged.
Describe your ideal solution
We would like some MFA methods to also be used to do this, for example hardware security keys. This would be similar to GitHub:
Workarounds or alternatives
Not applicable
Version
master
Additional Context
No response
The text was updated successfully, but these errors were encountered: