Hey Auth0 folks,
Back in 2017 there was this topic (Enforce MFA for Dashboard Admins) about enforcing MFA for dashboard admins. The response was that it’s still in-progress, and the thread is now locked. Has this been implemented? I didn’t see any option to require MFA from my dashboard admins, and given how much of a weakpoint they are it’d be very nice to force them to have MFA.
Cheers,
Kevin
My assumption is that it’s not there yet, but another way to enforce it is to use a federated login into the dashboard (i.e. GSuite, AzureAD) and enforce MFA on IdP side.
(Federation needs to be enabled by support and whether it’s available might depend on the plan you’re on, afaik it’s not available on a free plan and might just be on Enterprise).
Thanks for the response @mathiasconradt! Unfortunately we’re using the internal Auth0 database so no federation for us right now - do you happen to know if the enforced-MFA is in the pipeline? (I know your profile says that you’re not at Auth0 anymore, so respecting that you might not know)
Unfortunately not, I’d leave this to someone at Auth0 to provide a correct up-to-date info.
Hey guys, any update on this?
Hi @rob6,
No update on this. You can create a feature request for it: Feature Request.
Its now 2025, The first question came along in 2017
Second time in 2021…
Has there been an update to this effort?
Hey @cbailey,
Thanks for revisiting this thread regarding MFA enforcement for dashboard admins.
MFA enforcement is now required for Auth0 Dashboard admins who log in with one of the following methods:
For more information, please refer to our Action required: Multifactor Authentication (MFA) for Auth0 by Okta Administrators announcement about this.
Let me know if you have any follow-up questions.
Thanks,
Rueben