Allow a Tenant to force all Auth0 Dashboard users to have MFA active.
I would like to enforce that MFA is active for all users of the Auth0 Dashboard that can see and modify how our Auth0 Tenant is configured. Any users that do not have MFA active should be unable to access the dashboard until their MFA is setup.
It is undesirable to need to regularly check the Auth0 Dashboard manually to ensure all dashboard users currently have MFA enabled and to chase any users without MFA to enable it.
This request was originally raised a support ticket, but I was informed it was currently a product feature request with no ETA and that raising it here was the preferred way to upvote this product request priority. See also Enforce MFA for Dashboard Admins
Auth0 is a primary authentication mechanism for a service provided to our customers that expect PCI and SOC2 compliance so we want to ensure that the ability to modify how auth is performed is subject to strong security checks.