Hello @leandro !
You can accomplish this by using a Post Login Action - Something like this:
exports.onExecutePostLogin = async (event, api) => {
//enforce mfa for specific client_id(s)
const mfaApp1 = "client_id_1";
const mfaApp2 = "client_id_2";
if (event.client.client_id === mfaApp1 || mfaApp2) {
console.log(`enforcing mfa for: ${event.client.client_id}`)
api.multifactor.enable(`any`);
} else {
console.log(`mfa not enforced for: ${event.client.client_id}`)
}
};
Important note - You’ll need to set to require MFA to Never in your tenant → Security → Multi-factor Auth in order for this to work.
Hope this helps!