Step 3: Step-up MFA events
⏱ 3 minTrack MFA verification and sensitive actions for Step-up Auth
MFA Verification Success
const mfaResult = await transcodes.openAuthIdpModal({
resource: 'admin',
action: 'read',
});
if (mfaResult.success && mfaResult.payload[0]?.success) {
await transcodes.trackUserAction({
tag: 'admin:access',
severity: 'high',
status: true,
metadata: { action: 'read' },
});
// Proceed with protected action
}MFA Verification Failed
const mfaResult = await transcodes.openAuthIdpModal({
resource: 'users',
action: 'delete',
});
if (!mfaResult.success || !mfaResult.payload[0]?.success) {
await transcodes.trackUserAction({
tag: 'user:delete',
severity: 'high',
status: false,
error: mfaResult.payload[0]?.error || 'MFA verification failed',
metadata: { action: 'delete' },
});
}Sensitive Action with Webhook Alert
await transcodes.trackUserAction(
{
tag: 'payment:transfer',
severity: 'high',
status: true,
metadata: { amount: 1000 },
},
{ webhookNotification: true }
);Framework Examples
React
const handleAdminAccess = async () => {
const mfaResult = await transcodes.openAuthIdpModal({
resource: 'admin',
action: 'read',
});
if (mfaResult.success && mfaResult.payload[0]?.success) {
await transcodes.trackUserAction({
tag: 'admin:access',
severity: 'high',
metadata: { action: 'read' },
});
window.location.href = '/admin';
}
};Common trackUserAction tags (audit)
These strings are trackUserAction({ tag }) labels, not openAuthIdpModal parameters. For IDP step-up, use resource + action on openAuthIdpModal (see Modal API).
| Tag | Typical audit event |
|---|---|
admin:access | Admin panel access |
user:delete | Account deletion |
document:delete | Document deletion |
payment:transfer | Financial transaction |
data:export | Data export |
Related
- Audit API - Full
trackUserActionreference - Passkey-first Login - Login implementation
- Step-up Auth - MFA implementation
Last updated on