Multi-Factor Authentication (MFA)

Add an extra layer of security to your application with MFA.

Supabase's Multi-Factor Authentication (MFA) adds an extra layer of security to your application by verifying user identity through additional steps beyond the initial login.

Key features

  1. Multiple authentication methods: Support for App Authenticator (TOTP) and phone messaging.
  2. Flexible enrollment: API for building custom MFA setup interfaces.
  3. Challenge and Verify APIs: Securely validate user access to additional factors.
  4. Authenticator Assurance Levels: JWT claims (aal1, aal2) to indicate the level of identity verification.
  5. Customizable enforcement: Options to enforce MFA for all users, new users only, or opt-in basis.
  6. Database integration: Row Level Security policies to enforce MFA rules at the database level.

Benefits:

  • Enhanced security: Significantly reduce the risk of unauthorized account access.
  • User trust: Demonstrate a commitment to protecting user data and privacy.
  • Compliance support: Meet security requirements for regulated industries.
  • Flexible implementation: Customize MFA flows to suit your application's needs.

MFA is particularly valuable for:

  • Financial services and banking applications
  • Healthcare platforms managing protected health information
  • Enterprise applications with access to confidential business data
  • E-commerce sites protecting user payment information
  • Any application storing sensitive user data

Supabase's MFA feature provides a robust tool for enhancing application security, allowing developers to implement strong authentication measures tailored to their specific requirements.

Read Documentation
Share

Build in a weekend, scale to millions