Returns the Authenticator Assurance Level (AAL) for the active session.
aal1 (or null) means that the user's identity has been verified only with a conventional login (email+password, OTP, magic link, social login, etc.).aal2 means that the user's identity has been verified both with a conventional login and at least one MFA factor.When called without a JWT parameter, this method is fairly quick (microseconds) and rarely uses the network. When a JWT is provided (useful in server-side environments like Edge Functions where no session is stored), this method will make a network request to validate the user and fetch their MFA factors.
Takes in an optional access token JWT. If no JWT is provided, the JWT from the current session is used.