Add 2fa support to token identity endpoints #47230
Assignees
Labels
area-identity
Includes: Identity and providers
enhancement
This issue represents an ask for new feature or an enhancement to an existing one
feature-token-identity
Priority:0
Work that we can't release without
Milestone
Comments
dotnet-issue-labeler
bot
added
area-identity
mkArtakMSFT
added
enhancement
5 tasks
This was referenced Mar 17, 2023
This was referenced Jul 18, 2023
mkArtakMSFT
pushed a commit
that referenced
this issue
Jul 21, 2023
Backport of #49498 to release/8.0-preview7 /cc @halter73 # Add more MapIdentityApi endpoints ## Description This adds the following new endpoints: - GET /confirmEmail - POST /resendConfirmationEmail - POST /resetPassword - GET /account/2fa - POST /account/2fa - GET /account/info - POST /account/info Additionally, the existing /login endpoint now accepts 2fa codes and 2fa recovery codes as part of the request body. These can be queried and regenerated from /account/2fa. The /login endpoint now also gives limited failure reasons in the form of application/problem+json instead of empty 401 responses with details such as "LockedOut", "RequiresTwoFactor", "NotAllowed" (usually because lack of email confirmation), and the generic "Failed" statuses. Fixes #47232 (lockout support) Fixes #47231 (reset password support) Fixes #47230 (2fa support) Fixes #47229 (change username and password) Fixes #49404 (Removes AddIdentityBearerToken which is no longer needed) ## Customer Impact This makes the MapIdentityApi API introduced in preview4 more usable. See https://devblogs.microsoft.com/dotnet/asp-net-core-updates-in-dotnet-8-preview-4/#auth where we promised the following. > In addition to user registration and login, the identity API endpoints will support features like two-factor authentication and email verification in upcoming previews. You can find a list of planned features in the issues labeled [feature-token-identity](https://github.com/dotnet/aspnetcore/issues?q=is%3Aopen+label%3Afeature-token-identity+sort%3Aupdated-desc) on the ASP.NET Core GitHub repository. This PR adds all of these features, and it's important to make this available to customers as soon as possible, so we have time to react to any feedback. It appears customers are [excited to give it a go.](https://www.reddit.com/r/programming/comments/13jxcsx/aspnet_core_updates_in_net_8_preview_4_net_blog/jki0p3g/) ## Regression? - [ ] Yes - [x] No ## Risk - [ ] High - [ ] Medium - [x] Low This is primarily new API with minimal changes to SignInManager that should have no impact unless used by the new MapIdentityApi endpoints. ## Verification - [x] Manual (required) - [x] Automated ## Packaging changes reviewed? - [ ] Yes - [ ] No - [x] N/A
ghost
locked as resolved and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
and others
No description provided.
The text was updated successfully, but these errors were encountered: