Rules can be configured within your actions to gain more control over when users are challenged. This can be useful when you want to reserve challenges for certain conditions, such as when a user is logging in from a new device.

Example of a new device rule

In the Authsignal Portal for your login action, create a rule that triggers a challenge when a user is on a new device.

Then include a deviceId in your track action request for Authsignal to evaluate the rule.

const response = await authsignal.track({
  userId: user.id,
  action: "login",
  attributes: {
    redirectUrl: "https://yourapp.com/callback",
    deviceId: "user-device-id",
  },
});

if (response.state === UserActionState.CHALLENGE_REQUIRED) {
  // The user should be presented with a challenge
}

Learn more about obtaining the user’s deviceId.

Create rules with your business-specific data

While Authsignal provides a powerful set of predefined data points to create rules with, you may find yourself wanting to create rules based on your business-specific data. For example, you may only want to challenge a user when their payment amount exceeds a certain threshold.

For your payment action, you would create a rule that triggers a challenge when the payment amount exceeds a certain threshold:

Then include the paymentAmount in your track action request for Authsignal to evaluate the rule.

const result = await authsignal.track({
  userId: user.id,
  action: "payment",
  attributes: {
    redirectUrl: "https://yourapp.com/callback",
    custom: {
      paymentAmount: 1000,
    },
  },
});

const url = result.url;

Next steps