Biometrics With Email


We are trying to implement ‘WebAuthn with FIDO Device Biometrics’ for our mobile app.
We get following error when only ‘Email’ is set as the secondary factor:
“error”: “invalid_request”,
“error_description”: “No confirmed authenticators for the enabled factors”

Is it necessary to select Google authenticator or similar as a factor?
For mobile apps, it becomes rather difficult to scan QR code.

Is there a way for users to get the authentication code via mail when enabling biometrics?

Thank you

Hi @Sophia_V,

Welcome to the Auth0 Community!

You are seeing this error because device biometrics requires an alternate backup factor. This is due to the fact the the biometric factor is tied to a specific device and this would not allow for login on another device.

Further, the email factor is not treated as a true 2nd factor because it is tied to the same factor as the password. More details on that here.

You will need to set up true second factor (e.g. SMS) to continue with device biometrics.

Thank you for getting back to us.
We currently have the ‘free’ subscription.
Is it possible to set SMS as the second factor in the free subscription plan?

SMS is not included in the free plan. In fact, no MFA features are included in the free plan.

You can see the pricing breakdown here if you click the Compare Plans button.

Thank you for letting us know.

1 Like

No problem. Please let us know if you have any other questions!

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.