Implement 2FA in GraphQL


Hello, I would like to implement 2FA with GraphQL. In my case, I want my API to be compliant with PSD2.

Is this possible, and how can I implement this when I want to send an OTP to a user?

Here is an extract from PSD2 on two-factor authentication:

an authentication based on the use of two or more elements categorized as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data.


You'll need one mutation for the credentials (typically username and password) and a second one for the 2nd factor. Otherwise, GraphQL doesn't know anything about 2FA; it's all up to you to decide what the factors are and how to implement the exchanges. You can use 3rd-party tools like Auth0 or Okta; it doesn't really matter.