Darshan Hiranandani : Can We Check if a Google Use...

darshanhira24 · 12-23-2024 10:04 PM

Hi everyone,

I'm Darshan Hiranandani, We're developing a web portal and planning to integrate Google login for authentication. We want to allow anyone with a Google account to access our portal, but with one condition: the user must have two-factor authentication (2FA) enabled on their Google account.

Is there a way to check if a Google user has MFA (multi-factor authentication) enabled through the Google API or any other method when they log in via Google?

Any insights or best practices on implementing this type of security requirement would be really appreciated!

Thanks!

Regards

Darshan Hiranandani

AlexET

Hi @darshanhira24, thank you for your question! Just to let you know, this forum is specifically for Apigee-related questions. To ensure your question is in the right place, could you clarify if you are using the API management platform by Google Cloud (Apigee) in this context?

dchiesa1

If you use Google Cloud Identity Platform , you can control whether 2FA is required or not.

To set this up

visit https://console.cloud.google.com/customer-identity/providers?project=your-gcp-project
Add Google as an identity provider
Enable MFA
in your app or website, _require_ multi-factor auth for signin. as described here: https://cloud.google.com/identity-platform/docs/web/mfa#choosing_an_enrollment_pattern

But Alex is correct- this room is for Apigee. You should be asking this kind of question in this room. or maybe this one.

Darshan Hiranandani : Can We Check if a Google User Has Two-Factor Authentication Enabled for Login?