Can We Let Users Enroll in OTP via “Use different method” After SMS Enrollment?

Get Help
,
1

Hi Auth0 team,

We’re designing an MFA flow using Universal Login and Auth0 Actions, and we want to confirm if the following behavior is supported and reliable within the current Auth0 platform.

Intended MFA Flow:

  1. First-time MFA users (not enrolled in any factor):
  • Display both OTP (Authenticator App) and SMS enrollment options.
  • Ideally, we want OTP shown above SMS to encourage the more secure option.
  • User chooses one and completes enrollment.
  1. Users already enrolled with SMS:
  • On login, they’re challenged via SMS by default.
  • We want to support the use of the “Use different method” link so they can choose to enroll in OTP at that point (and vice versa for SMS).

Questions:

  1. Is this behavior (especially OTP enrollment via “Use different method” link during MFA challenge) reliably supported by the New Universal Login?
  2. Can we ensure OTP enrollment is offered when clicking “Use different method” if the user has not yet enrolled in OTP?

Our goal is to encourage more secure OTP usage but still provide SMS as an option and fallback, all within a clean and consistent login experience.

Thanks in advance for your help

3

Hi @dy.le

Welcome to the Auth0 Community!

Thank you for posting your question. We have a similar scenario covered in our documentation regarding MFA enrollment, which you can find here → https://auth0.com/docs/secure/multi-factor-authentication/customize-mfa/customize-mfa-enrollments-universal-login

Please keep in mind that:

Actions (or series of Actions) in a tenant can only execute four of the following commands per user flow:

  • enrollWith
  • enrollWithAny
  • challengeWith
  • challengeWithAny

If this limit is exceeded (i.e., a fifth command of this type attempts to execute), an authentication error will occur.

Thanks
Dawid

4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.