Disable MFA for some logins for a user

rajivk · August 10, 2022, 6:33pm

On first login, we want the users to follow custom MFA(through redirection in login action). After that we want to enforce auth0 MFA. So when users login first time, we do not want Auth0 mfa to kick in. We have setup MFA Always from settings.

Temporary solution: We have set MFA as Never and on first login we redirect user from action for custom mfa and afterwards we enforce MFA by setting api.multifactor.enable('Any').

Is there any solutions like setting mfa to none first time and next time onwards, it keeps on enforcing because of the Always setting?

josiah_devizia · August 10, 2022, 7:06pm

You can set the provider to none to bypass the mfa policy I believe.

Note, this doc is about rules, but Actions are the recommended extensibility path. I assume it works the same, but you may want to verify first.

rajivk · August 11, 2022, 2:17pm

We already tried, it throws an error. But there should be something corresponding to this in actions as well. Action document does not mention none as provider.

Fails for action:

Topic		Replies	Views
How to disable MFA using actions? Help mfa , mfa-api	2	3060	February 17, 2023
Enable Specific MFA Provider Help mfa	0	1861	January 14, 2022
Can I configure MFA for a particular application not for all? Help mfa , one-time-password-otp-factor	6	1547	April 28, 2023
Use Rule to disable MFA Help mfa	4	4046	June 28, 2022
Skip MFA from Actions with api.multifactor.enable('none'); Knowledge Articles actions , adaptive_mfa , bypass-mfa	1	8	October 30, 2024

Disable MFA for some logins for a user

Related Topics