Hello,
We have a web app built with React which uses Salesforce Community identities. Now there's a need to implement new feature in it which has MFA requirement. So identity verification isn't required in every login to the app but only when user tries to access this new feature. Any ideas how to implement this?
We tried writing a simple custom REST API on Salesforce which runs SessionManagement.generateVerificationUrl method and returns the generated URL. Web front end forwards user to the URL but it gives "timed out" error.
7 comments
Hi @Benj Kamm! We have a Node.js based backend in AWS. Most of the data consumed in the app is coming from Salesforce and we've written custom Apex REST APIs for that. All API calls are done as the logged-in user. What @Itzik Koren suggested sounds like something that could work and we are probably going to give it a shot. So we would create a VF page that launches the 2FA and we'd add the page in the context of the Community that provides the identity framework for the app.
