Resource: auth0_guardian

Multi-Factor Authentication works by requiring additional factors during the login process to prevent unauthorized access. With this resource you can configure some options available for MFA.

Example Usage

resource "auth0_guardian" "my_guardian" {
  policy        = "all-applications"
  email         = true
  otp           = true
  recovery_code = true

  webauthn_platform {
    enabled = true
  }

  webauthn_roaming {
    enabled           = true
    user_verification = "required"
  }

  phone {
    enabled       = true
    provider      = "auth0"
    message_types = ["sms", "voice"]

    options {
      enrollment_message   = "{{code}} is your verification code for {{tenant.friendly_name}}. Please enter this code to verify your enrollment."
      verification_message = "{{code}} is your verification code for {{tenant.friendly_name}}."
    }
  }

  push {
    enabled  = true
    provider = "sns"

    amazon_sns {
      aws_access_key_id                 = "test1"
      aws_region                        = "us-west-1"
      aws_secret_access_key             = "secretKey"
      sns_apns_platform_application_arn = "test_arn"
      sns_gcm_platform_application_arn  = "test_arn"
    }

    custom_app {
      app_name        = "CustomApp"
      apple_app_link  = "https://itunes.apple.com/us/app/my-app/id123121"
      google_app_link = "https://play.google.com/store/apps/details?id=com.my.app"
    }
  }

  duo {
    enabled         = true
    integration_key = "someKey"
    secret_key      = "someSecret"
    hostname        = "api-hostname"
  }
}

Schema

Required

Optional

Read-Only

Nested Schema for duo

Required:

Optional:

Nested Schema for phone

Required:

Optional:

Nested Schema for phone.options

Optional:

Nested Schema for push

Required:

Optional:

Nested Schema for push.amazon_sns

Required:

Nested Schema for push.custom_app

Optional:

Nested Schema for push.direct_apns

Required:

Optional:

Nested Schema for push.direct_fcm

Required:

Nested Schema for webauthn_platform

Required:

Optional:

Nested Schema for webauthn_roaming

Required:

Optional:

Import

Import is supported using the following syntax:

# As this is not a resource identifiable by an ID within the Auth0 Management API,
# guardian can be imported using a random string.
#
# We recommend [Version 4 UUID](https://www.uuidgenerator.net/version4)
#
# Example:
terraform import auth0_guardian.my_guardian "24940d4b-4bd4-44e7-894e-f92e4de36a40"