Hi everyone,
My application uses a single Auth0 tenant that supports multi-organization authentication. We want to enable MFA only for some organizations — is that possible with this setup?
Specifically:
-
Can MFA be enabled per organization (not tenant-wide) in Auth0?
-
If MFA is enabled for an existing organization, how does Auth0 handle existing user accounts in that org? Will users be prompted to enroll in MFA on next login, or is additional migration/configuration required?
-
Any recommended approach or pitfalls to watch for (rules, Actions, Guardian, custom flows, or required settings)?