Your understanding is correct, after having setup your Auth0 account to enforce the use of MFA through Google Authenticator each end-user after having provided their credentials would be asked to enroll/setup the use of MFA for their user account. This would be a one-time procedure for each end-user.
You can read more about using Google Authenticator for MFA at:
- Admin Guide - Troubleshoot Multi-Factor Authentication Issues
- User Guide - Troubleshoot Multi-Factor Authentication Issues