Problem statement
If a user is unable to pass MFA, they will be stuck on the MFA page and there is no way to invalidate their session to sign in with a different user. Refreshing the page to sign in with a different account will actually skip the login page and bring you straight back to this MFA challenge. Is there a way to go back to the login prompt so that users can change their credentials if necessary?
Solution
Currently, this can be achieved by including a link in your page template (Universal Login Pages) that points to a different page that logs the user out and then redirects them back to the login page. Unfortunately, you won’t be able to include the link on the widget itself, but you can make it appear as a link above/underneath the widget. Here is an example of a page template that includes this link that only appears on the MFA pages:
<!DOCTYPE html>
<html lang="{{locale}}">
<head>
{%- auth0:head -%}
<title>{{ prompt.screen.texts.pageTitle }}</title>
</head>
<body class="_widget-auto-layout">
{% if prompt.name == "mfa-otp" or prompt.name == "mfa-recovery-code" %}
<div class="prompt-wrapper">
<a href="https://YOUR_LOGOUT_LINK">Click here to Change Accounts</a>
{%- auth0:widget -%}
</div>
{% else %}
<div class="prompt-wrapper">
{%- auth0:widget -%}
</div>
{% endif %}
</body>
</html>
If you would like to see this functionality in a future release of Auth0, we would encourage you to vote for this feature request here: User stuck in MFA stage of login if they are unable to pass MFA