Is there a way to redirect the User to a universal login page where he is forced to enroll a new MFA factor?
We have an SPA using React and would like to allow the user to change his/her phone number used for MFA. The approach we wanted to take is the following because it doesn’t require us to build our own UI:
- On the frontend, list and remove the MFA then force the user to sign in again, this will force them to enter a new phone number for MFA
However this leaves the user without MFA for a short period of time which is a security issue. This is why we would like to know if there is an way to force the user to enroll a new authenticator without deleting the old first using universal login.