Ready to post? 
First, try searching for your answer.
Require Multi-factor Auth - NEVER is Setting to ALWAYS from NO where.
We are using a post-login trigger to set MFA for a particular organization in our tenant. exports.onExecutePostLogin = async (event, api) => { if (event.organization && event.organization.metadata && event.organization.metadata["use_mfa"] == 'true') { console.log("MFA enabled for this organization: " + event.organization.display_name); api.multifactor.enable('any', { allowRememberBrowser: false }) } console.log("onExecutePostLogin execution ended."); };
Hi @vivek.negi1,
Welcome to the Auth0 Community.
We’re sorry for the inconvenience. Unfortunately the value cannot change automatically. To change the value of Require Multi-factor Auth select the value and then click on Save. In addition, Actions affecting Multi-factor Auth will take precedence over this setting.
If you have any other questions feel free to ask us.
Have a good one,
Vlad
What is the default value of this Require Multi-factor Auth ? I came to know that when ever our auth0 terraform code run it is set to ALWAYS.
We do have a post-login action for this. In that we check if any Organization Metadata have use_mfa = true. Code belwo
exports.onExecutePostLogin = async (event, api) => {
if (event.organization && event.organization.metadata && event.organization.metadata["use_mfa"] == 'true')
{
console.log("MFA enabled for this organization: " + event.organization.display_name);
api.multifactor.enable('any', {
allowRememberBrowser: false
})
}
console.log("onExecutePostLogin execution ended.");
};
If this is the case “Actions affecting Multi-factor Auth will take precedence over this setting.”
Why it enabled/Show up MFA for all organizations then?
By default it’s set to Never. But if you go to your dashboard you should be able to change it.
Make sure you save your settings after changing them.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.