03/09/2022, 4:52 PM
Can I start with normal login and initiate MFA later, on “dangerous” operations? ex: Github asks you for password for sensitive area. But MFA instead
03/09/2022, 5:27 PM
Hey, yes you can implement that with "Authenticator Assurance Level"
aal2 is what you are looking for, requiring MFA for certain flows, most common is settings (changing password/email etc.)
03/09/2022, 6:59 PM
Thank you! I am moving forward with integration as Kratos meets most of our needs. Look forward contribute to Kratos and other tools.