We want to enforce 2FA for one or more user-roles. However it must be optional for any other user.
Currently my best attempt is this:
Any attempt has run in either of these issues so far:
- if several conditional flows are siblings, they are all executed and a user might be prompted twice if the role matches and he has a key configured
- if conditional is placed inside alternative flows, then if fails if a user has a different role - while users without any role work.
- 2 conditions in 1 conditional flow means both have to match
How is it possible to have a flow be both alternative AND conditional at the same time, and provide a do-nothing fallthrough?
edit: is it possible that “Condition - User Configured” does not work with WebAuthn?