Problem statement
A user was created in the Auth0 Management Dashboard, but their account was deleted from the tenants due to a long absence. When this account was provisioned again, the user could log in with their credentials and previously configured two-factor authentication (2FA), indicating the user was never deleted but only not visible in the dashboard. Is this expected?
Solution
This is expected behavior. In Auth0, tenant admins are provisioned on a separate tenant managed by Auth0. Our customers do not have access to this special tenant. When a user is added to a tenant for the first time, they are created to it.
Removing the admin from a customer tenant does not delete the user from this Auth0-managed tenant. Hence, when the same user is re-invited, they are not recreated, and their authentication credentials, including their 2FA are still valid.