Skip to content

docs: MFA default-on, per-method meta fields, user search by ID, org member email#75

Open
lakhansamani wants to merge 1 commit into
mainfrom
docs/mfa-default-and-meta-methods
Open

docs: MFA default-on, per-method meta fields, user search by ID, org member email#75
lakhansamani wants to merge 1 commit into
mainfrom
docs/mfa-default-and-meta-methods

Conversation

@lakhansamani

Copy link
Copy Markdown
Contributor

Documents the server changes merged in authorizer PRs #679, #680, #681, #682.

MFA (breaking flag change)

  • docs/core/server-config.md — new "Multi-factor authentication (MFA)" section: MFA is now on by default; --disable-totp-login / --disable-email-otp / --disable-sms-otp opt out per method; email/SMS OTP only available when SMTP/Twilio configured; --enforce-mfa (default false) makes MFA mandatory. Removed the old --enable-* MFA flags from the example.
  • docs/migration/v1-to-v2.md — updated the auth-behavior flag mapping and added a breaking note with the --enable-* → --disable-* translation table.

New meta fields

  • docs/core/graphql-api.md — public meta: is_totp_mfa_enabled, is_email_otp_mfa_enabled, is_sms_otp_mfa_enabled, is_webauthn_enabled; admin _admin_meta: is_multi_factor_auth_service_enabled.

Admin user search + org members

  • graphql-api.md / rest-api.md_users / POST /v1/admin/users query param now also matches user ID (plus email, given_name, family_name, nickname).
  • docs/enterprise/organizations.md — organization member listings now expose email / given_name / family_name (blank if the user was deleted).

gRPC docs already defer to the GraphQL/REST field references, so no separate gRPC edits were needed.

… member email

Reflect server changes merged in authorizer#679/#680/#681/#682:

- MFA is on by default and optional; document --disable-totp-login,
  --disable-email-otp, --disable-sms-otp and the --enforce-mfa default
  flip (server-config, v1-to-v2 migration mapping + breaking note).
- Add public meta fields is_totp_mfa_enabled / is_email_otp_mfa_enabled /
  is_sms_otp_mfa_enabled / is_webauthn_enabled and admin
  is_multi_factor_auth_service_enabled (graphql-api).
- _users / POST /v1/admin/users query param now matches user ID too.
- Organization member listings expose email / given_name / family_name.
@netlify

netlify Bot commented Jul 12, 2026

Copy link
Copy Markdown

Deploy Preview for authorizerdev-docs ready!

Name Link
🔨 Latest commit f6a925b
🔍 Latest deploy log https://app.netlify.com/projects/authorizerdev-docs/deploys/6a532452cf4f32000867e876
😎 Deploy Preview https://deploy-preview-75--authorizerdev-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant