Configure Push Notifications for MFA

The Guardian SDKs for iOS and Android allow you to use a custom-built app for vendor-specific push notification services. You can configure push notifications for the AWS Simple Notification Service (SNS) platform or use Direct to Vendor services to add Firebase Cloud Messaging (FCM) and Apple Push Notification (APN) credentials directly in Auth0.

AWS SNS Configuration

Before you configure push notifications, follow the prerequisites below:

  1. Create an SNS Platform Application using AWS Management console and note it’s ARN.

  2. Create an AWS Access Key ID authorized to create Platform Application endpoints. Guardian automatically creates a Platform Application endpoint with an appropriate device token as part of a successful enrollment.

Configure push notifications with AWS SNS

To receive push notifications from Guardian, you first need to override Guardian's default SNS settings. Then, you can configure push notifications for Android and iOS.

  1. On the Auth0 Dashboard, navigate to Security > Multi-factor Auth and select Push via Auth0 Guardian. If the method is inactive, select the toggle at the top right to enable it.

    Auth0 Dashboard > Security > Multi-factor Auth > Guardian

  2. Select Custom to reveal additional settings.

  3. In the Push Notification Service section, choose Amazon SNS.

Auth0 Dashboard > Security > Multi-factor Auth > Guardian > Custom > Amazon SNS
  1. In the Amazon SNS Configuration section, complete the following fields:

    Field Description
    AWS Access Key ID Your AWS Access Key ID.
    AWS Secret Access Key Your AWS Secret Access Key.
    AWS Region Your AWS application's region.

  2. Select Save to complete your changes.

Configure push notifications for Android using FCM

To configure Android push notifications on your Auth0 Dashboard, first retrieve your FCM server credentials. For full details, review Google's Firebase documentation.

  1. Navigate to the Firebase Console and select your applicable project.

  2. Open the Settings menu and choose Service Accounts.

  3. Select Generate New Private Key to download your credential file.

After you retrieve your credentials, you can configure push notifications on your Auth0 Dashboard.

Configure push notifications for iOS using APNs

To configure iOS push notifications on your Auth0 Dashboard, first retrieve your APN certificate.

  1. Generate a new APN certificate from your Apple developer account.

  2. Install the certificate locally.

  3. Find the Apple Sandbox Push Services: {AppId} certificate in your Keychain Access.

  4. Export the certificate and the associated private key to a P12 file without a password (default name: Certificates.p12).

  5. To generate a P12 file using Triple DES instead of RC2, run

    openssl pkcs12 -in Certificates.p12 -legacy -nocerts -nodes -out pk.pem -passin pass:"" &&
    openssl pkcs12 -in Certificates.p12 -legacy -nokeys -out cert.crt -passin pass:"" &&
    openssl pkcs12 -export -inkey pk.pem -in cert.crt -descert -out Certificate_3des.p12 -passout pass:"" &&
    rm pk.pem cert.crt

    Was this helpful?

    /

  6. Delete Certificates.p12 and use Certificate_3des.p12 as the APN certificate in the Auth0 Dashboard.

After you retrieve your credentials, you can configure push notifications on your Auth0 Dashboard.

Learn more