Secure Multi Factor Authentication with Azure Sphere

This site has been created in order to demonstrate using an Azure Sphere device to provide custom Multi-Factor Authentication. In order to do this we have configured Azure AD B2C (using the Identity Experience Framework) to call through to an Azure Function to obtain extra claims information. This Azure function uses Azure IoT Hub to invoke a direct method on the Azure Sphere device.

You'll find full details of how this was done on hackster.io and the source code on github.

Please feel free to try out the Multi-FactorAuthentication on this site using one of the following accounts:

Email address Password Multi-Factor Authentication configuration
sphere1@0xfred.com Sphere123 This account has no Multi-Factor Authentication setup. It will log straight in but have no access to the Admin page.
sphere2@0xfred.com Sphere123 This account is setup to use a press of "button_z" for MFA. Our Azure Function is setup to fake that this button has been pressed.
sphere3@0xfred.com Sphere123 This account is setup to expect an NFC tag with the ID "5469D2AB" for MFA. Unfortunately, as you don't have access to my Azure Sphere device this will most likely timeout.
sphere4@0xfred.com Sphere123 This account is setupto use a press of "button_a" for MFA. Unfortunately, as you don't have access to my Azure Sphere device this will most likely timeout.