Greetings all. I am looking for guidance on integrating auth0 into my knack app and am having a hard time finding documentation for those of us who are not developers (the whole idea behind low or no code wink:) I have created the login through auth0, but an struggling to connect the data with current login data on my app. Does anyone have experience setting up SAML 2.0 or 0Auth through auth0 specifically. This honestly should be integrated into Knack already. I am also willing to pay someone to do this for me. I would love to learn however.
I am trying to revive this. Am I the only one that sees a need for 2FA for customer facing apps?
I agree with you totally
I have mentioned this to our amazing new Product Manager @Kara. 2FA should really be a standard feature on the live app nowadays.
Hopefully this will be on the road map soon.
We have options for SAML/Auth for Live App users, depending on your plan type.
Carl - we’ve been tossing some ideas around 2FA. The questions I have would be around supporting it.
If you, as a builder, enabled 2FA for Live App users, then the end user had an issue logging in, who would they reach out to? Would builders be willing to handle resetting/removing 2FA for users?
I know I would. I have attempted to integrate 2FA over a month and it was extremely arduous. I would recommend partnering with a third party to make integration easier, and then we can manage it from the third party. The issue is not that you dont have it, its that it is extremely difficult to integrate. This is low code so your customer base needs that option for 2FA. I have clients turn me down on using my platform because its not there. Pretty soon it will be standard for everyone and knack may not be as competitive. Just a recommendation.
Hi @Kara - it’s an interesting question.
I don’t know enough about the technical side of 2FA to understand how or why it would become an issue if the user had difficulty logging in.
My thinking is that they would receive a separate email / text or use an authenticator app.
I assume that if they no longer have access to that email or cell number then the details would need to be updated in Knack. This could be done by an admin user within the client company as I always build an accounts section for them to manage their own users.
If a user has access issues today, they can use the self service password reset process.
How do other organisations handle this issue?
Like others, most of my other web services use 2FA, mostly text or authenticator, and I’ve never had to contact anyone. Occasionally, I’ve had to reset my password, but 2FA has never been an issue.
I’m unclear why a user would need to come back to the builder to update details if they had an access issue.
There is in increasing expectation that Knack has or should offer the additional level of security that 2FA provides.
Builders and Clients work together when developing account roles and the login process. 2FA should be an option for Knack app client and their users. If a user has access issues to the app, then it is something the client and builder should have worked out beforehand on who resolves and how it is resolved.
@Kara - definitely think the builders should handle resetting 2FA for users in the first instance. Down the track there might be some thinking about enabling this access to a user type.