Multi-Factor Authentication in ASP.NET Core Without Identity: Feasibility for Custom User Models

[vsfeedback]

This issue has been moved from a ticket on Developer Community.

---

Hello,

I would like to know if it’s possible to implement multi-factor authentication (MFA) in ASP.NET Core without using Identity.

I have a multi-tenant application with internal users (employees) and external users (clients), each with their own authentication and permission rules. Due to the complexity of the project, I’m using a custom DbContext, and I would like to understand if it’s possible to follow the MFA setup from the tutorials:

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/mfa?view=aspnetcore-8.0
https://learn.microsoft.com/en-us/aspnet/identity/overview/features-api/two-factor-authentication-using-sms-and-email-with-aspnet-identity?source=recommendations

and apply it to any custom user and permission classes.

My main question is: can I adapt these MFA configurations to my custom user model, adjusting the user tables and permissions as needed, or is only Identity is required for this functionality?

Thanks!

---

Original Comments

Feedback Bot on 10/24/2024, 02:06 AM:

Thank you for taking the time to provide your suggestion. We will do some preliminary checks to make sure we can proceed further. You will hear from us in about a week on our next steps.