We’ve been doing some thinking and research for you.
These are the general instructions but I’m adding this to our list of examples to make. You should be able to accomplish 2FA through a couple of methods:
SMS & Email
This route requires some effort. Depending on your preference of SMS and Email (the process would be very similar), you can implement your own 2FA flow in Losant.
You could use Twilio or SendGrid as the services to send the messages.
You would need to build at least two experience workflows.
- Generate Token Workflow - This workflow will generate the token for the user, and send via email or SMS.
- Verify Token Workflow - This workflow accepts a token from a user, verifies it, and set their authentication cookie.
I recommend using JWT Tokens for the secrets. You can learn more about JWT Tokens here. You will have to store a secret or one-time code for the user. The best place for this is Experience User Tags.
2FA via Rest API
I think this one would be the easiest to integrate. You can use the HTTP Node to talk to the Authy API.