Enroll a factor

Starts the enrollment process for a new Multi-Factor Authentication (MFA) factor. This method creates a new unverified factor. To verify a factor, present the QR code or secret to the user and ask them to add it to their authenticator app. The user has to enter the code from their authenticator app to verify it.

Currently, totp is the only supported factorType. The returned id should be used to create a challenge.
To create a challenge, see mfa.challenge().
To verify a challenge, see mfa.verify().
To create and verify a challenge in a single step, see mfa.challengeAndVerify().
To generate a QR code for the totp secret in nextjs, you can do the following:

1<Image src={data.totp.qr_code} alt={data.totp.uri} layout="fill"></Image>

Parameters

params

REQUIRED

MFAEnrollParams

factorType

REQUIRED

"totp"

The type of factor being enrolled.

friendlyName

Optional

string

Human readable name assigned to the factor.

issuer

Optional

string

Domain which the user is enrolled with.


const { data, error } = await supabase.auth.mfa.enroll({
  factorType: 'totp',
  friendlyName: 'your_friendly_name'
})

// Use the id to create a challenge.
// The challenge can be verified by entering the code generated from the authenticator app.
// The code will be generated upon scanning the qr_code or entering the secret into the authenticator app.
const { id, type, totp: { qr_code, secret, uri }, friendly_name } = data