Could someone explain how to enable google auth for existing users? The following thread is unclear how the process should work:
https://auth0.com/forum/t/enable-2fa-for-existing-users-google-authenticator/3671/2
From my understanding of the last reply for a registered user without MFA they would be prompted to setup google auth on login?
Your understanding is correct, after having setup your Auth0 account to enforce the use of MFA through Google Authenticator each end-user after having provided their credentials would be asked to enroll/setup the use of MFA for their user account. This would be a one-time procedure for each end-user.
You can read more about using Google Authenticator for MFA at:
Thanks for confirming my understanding is correct.
When testing this using lock I get an error when a user authenticates and it never shows the MFA setup step to the user.
Do you know what could be causing this problem?
You may be using an unsupported flow through Lock or just have it misconfigured; the automatic enroll/setup implies that user is doing authentication as part of a redirect-based flow where the user-agent can be redirected to the enrollment page. I would advise you to create a new question detailing what exactly you’re using (Lock version, options, types of connections, etc) and also any error information you may have.
Thanks, I have raised a new support ticket here: Issue using Lock in SPA for API authorization and MFA - Auth0 Community to cover the issue in more detail with lock.