Skip to main content
The Kotlin SDK provides step-up authentication through the StepUpAuthModule, accessible via DynamicSDK.getInstance().stepUpAuth. You can check requirements, prompt built-in UI flows, or call individual verification methods for a fully custom experience. After verification, the elevated access token is automatically stored and applied to subsequent API calls. You never need to manually handle the token. For concepts, scopes, and token lifecycle, see Step-up authentication overview.

Prerequisites

  • DynamicSDK initialized with your environment ID
  • At least one verification method enabled in your dashboard security settings
  • Step-up authentication enabled for your environment

Quick start

The pattern is: check → verify → proceed.

Checking step-up requirements

Use isStepUpRequired to check whether the user needs to re-verify for a given scope:

Prompt methods (built-in UI)

These methods show Dynamic’s built-in UI for step-up authentication. The SDK handles method selection and user interaction. All methods are suspend functions — call them from a coroutine scope.

promptStepUpAuth

Automatically chooses between MFA and re-authentication based on the user’s configuration. This is the recommended approach.

promptMfa

Explicitly prompts the user with MFA methods (passkey or TOTP). Use this when you know the user has MFA configured.

promptReauthenticate

Explicitly prompts the user to re-authenticate using a non-MFA method (email OTP, SMS OTP, or external wallet signature).

Individual verification methods

For custom UI implementations, you can call individual verification methods directly.

Email/SMS OTP

Wallet signature (external wallets only)

Wallet-based step-up verification is only available for external wallets. Embedded wallets cannot be used for step-up authentication.

Passkey MFA

TOTP MFA

Recovery code

Resetting state

Reset the step-up authentication state when needed (for example, when the user navigates away):

Full example

Here’s a complete Jetpack Compose example that checks step-up requirements and prompts the user:

Error handling

Wrap verification calls in try-catch blocks to handle user cancellations and verification failures:

API reference

StepUpAuthModule

Parameters

All prompt methods accept optional parameters: All individual verification methods and prompt methods are suspend functions and must be called from a coroutine scope.

Available scopes

See the complete scopes reference for all supported values.
Last modified on April 16, 2026