/auth0-slack-mfa

An Auth0 extension that can be used to add MFA utilizing Slack DMs.

Primary language: JavaScript. License: MIT.

Auth0 Slack MFA Extension

The Slack MFA Extension will send Slack messages containing a magic link to your users. Once the user clicks the magic link they will complete their login process.

Installation

Getting a Slack API Token

This key is used to send direct messages to members of your Slack Team. To acquire an API token you must create a new custom bot user or use an existing one. It is better to set up a specific bot for this activity. The MFA magic links will be sent to your users on behalf of the bot.

Installing the extension

Go to the Extensions tab of the dashboard.

Click CREATE EXTENSION and install the extension from this repository: https://github.com/auth0-extensions/auth0-slack-mfa

Finally, enter the extension settings:

  • SLACK_API_TOKEN: Your team's Slack API key.
  • MONGO_CONNECTION_STRING: The connection string for your MongoDB instance.

The extension will set up a mongo collection

The Slack MFA extension uses MongoDB to store a whitelist of valid JWTs. Each JWT is a one-time-use token that is revoked after it is used. The extension automatically sets up a mongo collection for managing these tokens. It will:

  • Create a collection named: Token
  • Create a unique index for _id (this should exist by default):
{
  "v": 1,
  "key": {
    "_id": 1
  },
  "name": "_id_",
  "ns": "<db-name>.Token"
}
  • Create a TTL Index for the collection:
{
  "v": 1,
  "key": {
    "issued": 1
  },
  "name": "token-cleanse",
  "ns": "<db-name>.Token",
  "background": true,
  "expireAfterSeconds": 300
}
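
The one-time-use whitelist described above, as an added example that is not code from this repository. It assumes HS256-signed tokens with sub, jti, iat and exp claims; TokenStore is a constructed in-memory stand-in for the Token collection, and the function names are hypothetical.

```javascript
const crypto = require('crypto');

const TTL_SECONDS = 300; // matches expireAfterSeconds on the token-cleanse index
const b64u = (v) => Buffer.from(v).toString('base64url');

// Constructed in-memory stand-in for the Token collection (assumption: the real
// store is MongoDB). A Map enforces the unique _id; take() removes the document
// in the same step that reads it, like an atomic find-and-delete.
class TokenStore {
  constructor() { this.docs = new Map(); }
  insert(doc) {
    if (this.docs.has(doc._id)) throw new Error('duplicate _id');
    this.docs.set(doc._id, doc);
  }
  take(id) {
    const doc = this.docs.get(id) || null;
    this.docs.delete(id);
    return doc;
  }
}

function sign(data, secret) {
  return crypto.createHmac('sha256', secret).update(data).digest('base64url');
}

// Issue a magic-link token: whitelist its jti, then return the signed HS256 JWT.
function issueToken(store, secret, userId, now = Date.now()) {
  const jti = crypto.randomBytes(16).toString('hex');
  const iat = Math.floor(now / 1000);
  store.insert({ _id: jti, issued: new Date(now) });
  const body = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' })) + '.' +
    b64u(JSON.stringify({ sub: userId, jti, iat, exp: iat + TTL_SECONDS }));
  return body + '.' + sign(body, secret);
}

// Redeem a token. Returns the user id once, null on any failure or replay.
function redeemToken(store, secret, token, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const expected = Buffer.from(sign(parts[0] + '.' + parts[1], secret));
  const given = Buffer.from(parts[2]);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  // MongoDB's TTL monitor deletes expired documents only periodically, so a
  // document can outlive its 300 seconds; check exp as well as consuming the jti.
  if (Math.floor(now / 1000) >= claims.exp) return null;
  return store.take(claims.jti) ? claims.sub : null;
}
```

With a real MongoDB collection, the take() step corresponds to a single find-and-delete on _id, so two concurrent clicks on the same link cannot both succeed.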

TODO:

  • Script out the creation of a MongoDB collection and TTL index.
  • Get assets for logos.
  • Deploy assets to a CDN so the help screen is useful.
  • Pull rule's configuration from the extension API instead of hard coding it.