Amazon SNS

Amazon Simple Notification Service (SNS) is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Amazon SNS provides topics for high-throughput, push-based, many-to-many messaging. Using Amazon SNS topics, your publisher systems can fan out messages to a large number of subscriber endpoints for parallel processing, including Amazon SQS queues, AWS Lambda functions, and HTTP/S webhooks. Additionally, SNS can be used to fan out notifications to end users using mobile push, SMS, and email.

You can send multi-factor authentication (MFA) text messages using the Amazon Simple Notification Service (SNS). Amazon Simple Notification Service (SNS) is a pub/sub messaging service that enables Auth0 to deliver multi-factor verification via text messages. To learn more, see the Amazon SNS Overview.

Note: The following steps will add text-message-based MFA to the login flow for the tenant in which you're working. We highly recommend testing this setup on a staging or development server before making the changes to your production login flow.

Prerequisites

Before you begin:

• Make sure you have an Auth0 account and tenant. Sign up for free.

Set up the partner application

To configure your integration with Amazon SNS:

• Sign up for Amazon Web Services.
• Capture your Amazon Web Service region.
• Create a new Amazon IAM User with the AmazonSNSFullAccess role.
• Capture the user's access key and secret key details.

Add the Action

1. Select Add Integration (at the top of this page).
2. Read the necessary access requirements and click Continue.
3. Configure the integration using the following fields:

• AWS Region
• AWS Access Key ID
• AWS Secret Access Key

1. Click Create to add the integration to your Library.
2. Click the Add to flow link on the pop-up that appears.
3. Drag the Action into the desired location in the flow.
4. Click Apply Changes.

Activate custom SMS factor

To use the SMS factor, your tenant needs to have MFA enabled globally or required for specific contexts using rules. To learn how to enable the MFA feature, see:

• Enable MFA
• Customize MFA

The last steps are to configure the SMS Factor to use the custom code and test the MFA flow. Note: Once you complete the steps below, Auth0 will begin using this factor for MFA during login. Before activating this integration in production, please make sure you have configured all components correctly and verified on a test tenant.

1. Go to Dashboard > Security > Multi-factor Auth and click the Phone Message factor box.
2. In the modal that appears, select Custom for the delivery provider, then make any adjustments you'd like to the templates. Click Save when complete, and close the modal.
3. Enable the SMS factor using the toggle switch to begin using this factor.

Test MFA flow

Trigger an MFA flow and verify that everything works as intended.

Troubleshoot

If you do not receive the text message, look in your tenant logs for a failed Phone Message log entry. To learn which event types to search, see the Log Event Type Code list, or you can use the Filter control to find MFA errors.

Make sure that:

• The Action is in the Send Phone Message flow.
• The secrets are the same ones you created in the steps above.
• Your Amazon Web Services account is active (not suspended).
• Your phone number is formatted using the E.164 format.