How to enforce MFA for all users?

Hi I am currently looking through the MFA docs and found these examples of enforcing MFA for all users.
https://supabase.com/docs/guides/auth/auth-mfa#enforce-rules-for-mfa-logins

However, this example does not work obviously because the table name isnt specified. I read through the docs and cant find a proper example on where to enforce this policy? Is it the auth.users table?

I tried using this:

create policy "Enforce MFA for all users - new and existing"
  on auth.users
  as restrictive
  to authenticated
  using (auth.jwt()->>'aal' = 'aal2');

create policy "Enforce MFA for all users - new and existing"
  on auth.users
  as restrictive
  to authenticated
  using (auth.jwt()->>'aal' = 'aal2');

but its giving me an error

Bildschirmfoto_2024-01-13_um_08.36.32.png

Multi-Factor Authentication | Supabase Docs

Add an additional layer of security to your apps with Supabase Auth multi-factor authentication.

Supabase•3y ago•

2 replies

dominik

How to enforce MFA for all users?

create policy "Enforce MFA for all users - new and existing"
  on auth.users
  as restrictive
  to authenticated
  using (auth.jwt()->>'aal' = 'aal2');

create policy "Enforce MFA for all users - new and existing"
  on auth.users
  as restrictive
  to authenticated
  using (auth.jwt()->>'aal' = 'aal2');

but its giving me an error

Multi-Factor Authentication | Supabase Docs

Add an additional layer of security to your apps with Supabase Auth multi-factor authentication.

How to enforce MFA for all users?

How to enforce MFA for all users?

Similar Threads

Similar Threads

Similar Threads