Hi Auth0 team,
We’re designing an MFA flow using Universal Login and Auth0 Actions, and we want to confirm if the following behavior is supported and reliable within the current Auth0 platform.
Intended MFA Flow:
- First-time MFA users (not enrolled in any factor):
- Display both OTP (Authenticator App) and SMS enrollment options.
- Ideally, we want OTP shown above SMS to encourage the more secure option.
- User chooses one and completes enrollment.
- Users already enrolled with SMS:
- On login, they’re challenged via SMS by default.
- We want to support the use of the “Use different method” link so they can choose to enroll in OTP at that point (and vice versa for SMS).
Questions:
- Is this behavior (especially OTP enrollment via “Use different method” link during MFA challenge) reliably supported by the New Universal Login?
- Can we ensure OTP enrollment is offered when clicking “Use different method” if the user has not yet enrolled in OTP?
Our goal is to encourage more secure OTP usage but still provide SMS as an option and fallback, all within a clean and consistent login experience.
Thanks in advance for your help