Skip to main content
Enrolling in MFA does not automatically verify the user for wallet operations. Once enrolled, subsequent wallet actions will require MFA verification. See the verification guides for how to complete MFA verification.
Enroll users in MFA using SMS, where they authenticate with a 6-digit code sent to their phone number.
If your app has enabled SMS as a possible login method, users will not be able to enroll SMS as a valid MFA method.SMS must either be used as a login method to secure user accounts, or as an MFA method for additional security on the users’ wallets, but cannot be used for both.

Setup

To enroll users in MFA with SMS, use the initEnrollmentWithSms and submitEnrollmentWithSms methods returned by the useMfaEnrollment hook:

Initiating enrollment

First, prompt your user to enter the phone number they’d like to use for MFA. Then, call Privy’s initEnrollmentWithSms method. As a parameter, pass a JSON object with a phoneNumber field that contains the user’s provided phone number as a string.
Once initEnrollmentWithSms is called with a valid phone number, Privy will send a 6-digit MFA enrollment code to the provided number. This method returns a Promise that will resolve to void if the code was successfully sent, or will reject with an error if there was an error sending the code (e.g. invalid phone number).

Completing enrollment

Next, prompt the user to enter the 6-digit code that was sent to their phone number, and use the submitEnrollmentWithSms method to complete enrollment. As a parameter, you must pass a JSON object with both the original phoneNumber that the user enrolled, and the mfaCode they received at that number.
The component below serves as a reference implementation for how to enroll your users in MFA with SMS!
Example enrolling a phone number for MFA