Hey Auth0 folks,
Back in 2017 there was this topic (Enforce MFA for Dashboard Admins) about enforcing MFA for dashboard admins. The response was that it’s still in-progress, and the thread is now locked. Has this been implemented? I didn’t see any option to require MFA from my dashboard admins, and given how much of a weakpoint they are it’d be very nice to force them to have MFA.
Cheers,
Kevin
My assumption is that it’s not there yet, but another way to enforce it is to use a federated login into the dashboard (i.e. GSuite, AzureAD) and enforce MFA on IdP side.
(Federation needs to be enabled by support and whether it’s available might depend on the plan you’re on, afaik it’s not available on a free plan and might just be on Enterprise).
Thanks for the response @mathiasconradt! Unfortunately we’re using the internal Auth0 database so no federation for us right now - do you happen to know if the enforced-MFA is in the pipeline? (I know your profile says that you’re not at Auth0 anymore, so respecting that you might not know)
Unfortunately not, I’d leave this to someone at Auth0 to provide a correct up-to-date info.