Ready to post? 
First, try searching for your answer.
Require Multi-factor Auth - NEVER is Setting to ALWAYS from NO where.
We are using a post-login trigger to set MFA for a particular organization in our tenant. exports.onExecutePostLogin = async (event, api) => { if (event.organization && event.organization.metadata && event.organization.metadata["use_mfa"] == 'true') { console.log("MFA enabled for this organization: " + event.organization.display_name); api.multifactor.enable('any', { allowRememberBrowser: false }) } console.log("onExecutePostLogin execution ended."); };
Hi @vivek.negi1,
Welcome to the Auth0 Community.
We’re sorry for the inconvenience. Unfortunately the value cannot change automatically. To change the value of Require Multi-factor Auth select the value and then click on Save. In addition, Actions affecting Multi-factor Auth will take precedence over this setting.
If you have any other questions feel free to ask us.
Have a good one,
Vlad
What is the default value of this Require Multi-factor Auth ? I came to know that when ever our auth0 terraform code run it is set to ALWAYS.
We do have a post-login action for this. In that we check if any Organization Metadata have use_mfa = true. Code belwo
exports.onExecutePostLogin = async (event, api) => {
if (event.organization && event.organization.metadata && event.organization.metadata["use_mfa"] == 'true')
{
console.log("MFA enabled for this organization: " + event.organization.display_name);
api.multifactor.enable('any', {
allowRememberBrowser: false
})
}
console.log("onExecutePostLogin execution ended.");
};
If this is the case “Actions affecting Multi-factor Auth will take precedence over this setting.”
Why it enabled/Show up MFA for all organizations then?
