I am using a custom login experience through Branding → Universal Login → Manage Classic Login, where we have implemented a custom login page.
We recently enabled MFA via a post-login action, and the MFA flow itself is working as expected. However, when we attempt to customize the MFA theme from the same Classic Login Page settings, the changes are not reflected during the MFA challenge.
Since MFA is configured as optional and triggered conditionally through post-login actions, we cannot enforce MFA as “always required” from the Security settings. Because of this, we are unable to rely on the standard MFA configuration options for styling.
Could you please clarify:
Whether MFA UI theming is supported when MFA is triggered conditionally via post-login actions?
If not, is there an alternative or recommended approach to customize the MFA appearance in this setup?
Whether MFA UI theming is supported when MFA is triggered conditionally via post-login actions?
Basically, no. When enforcing MFA through a PostLogin Action, the API performs a redirect, leaving your custom page entirely. The browser flow is sent to the standard, built-in MFA challenge page which is the Universal Login one.
If not, is there an alternative or recommended approach to customize the MFA appearance in this setup?
In this situation, if you wish to keep using your customized Classic Login pages, you can either:
Customize the Universal Login MFA screens via the Dashboard to reflect the same customizations as your Classic Login (Additionally, can you let me know what kind of customizations are you looking for on the MFA page?)
Toggle MFA to Always or Adaptive MFA and configure it accordingly to your needs in order to use the customized page.
@nik.baleca I am mainly planning to have my own set of designs like a completely new template for the MFA page. Just like we can do with login and password reset page.
I tested this setup and it worked to some extent; however, some users may want to bypass the page depending on how they configure their MFA preferences, which wouldn’t be supported with Always or Adaptive MFA.
Unfortunately, in that situation, unless you are looking to migrate to the Universal Login from the Classic one, the only available option would be to customize the specific prompt under the Dashboard → Branding → Universal Login → Edit text and translations. You can also set custom text elements of the specific prompts by using the Management API.
Otherwise, I would recommend submitting a topic on our Feedback page in regards to the Actions MFA API using the UL template instead of the Classic one when Classic Login is selected.