A few years back I wrote an article Two-factor authentication using Login Flow. It was a huge success. I received several emails from people requesting me to write more use cases around the concept. So, here it is!
Two-factor authentication is a security process in which users provide two means of identification – (1) regular user credential; and (2), typically something memorized, such as a security code.
Login flows gives you the flexibility to build a custom post-authentication process that meets your business requirements. For example, you want two-factor authentication only when a user is trying to log-in from a particular City, Subdivision, Zip code, County or Browser. Let us start with a business use case.
Business Use Case
Martin Jones is working as a System Administrator at Gurukul on Cloud (GoC). He has received a requirement from stakeholders to enable two-factor authentication only when a user (with profile – Sales Rep APAC) is trying to log-in to Salesforce from the cities outside of the following list:
- San Francisco
Solution for the above business requirement
To solve this requirement we will use many ingredients – including, Login Flow, Two Flows, Process Builder, Custom Object and Custom Metadata Type. Before trying to understand the technical aspect of the solution, let us spend some time to understand the general flow of our solution at a very high level. Please spend few minutes to go through the following flow diagram and understand it.
Before we proceed further, let us understand LoginGeo – a geographic location of the user’s IP address for a login event – such as, country, city, postal code objects – in Salesforce.
Read the rest of this entry!