Guidance on Customizing Authentication & MFA Pages

swati.jadhav · January 24, 2025, 11:53am

Hi,

We currently have an enterprise account with Auth0, which is actively used in our production environment. We now have a requirement to completely revamp our authentication flow, involving significant changes to the user interface. This includes redesigning the login page, MFA setup page, OTP verification page, recovery code validation page, and similar components.

At present, we are using the Universal Login feature from the Branding section. I’ve also explored the Classic design offered by Auth0. However, neither the Universal Login nor the Classic option seems to allow customization of the MFA pages to meet our specific UI requirements.

Is there a way for us to build these pages ourselves (using a React application) while relying on Auth0 APIs for the underlying processing? This would allow us to fully manage the custom UI and maintain it in our GitHub repository.

Please guide us on how to achieve this.

Thank you!

dawid.matuszczyk · January 24, 2025, 1:42pm

Hi @swati.jadhav

Welcome to the Auth0 Community!

Thank you for posting your question. Based on your description, I think there are two ways that you can continue. First is to use the Universal Login Templates, which allows for deeper customization of your flow → https://auth0.com/docs/customize/login-pages/universal-login/customize-templates or Building Beautiful Login Pages with Auth0. Your 2nd option would be to build the whole UI by your team and tie it with the Authentication API → Authentication API Explorer. 1st option is quicker and allows for faster delivery

Thanks
Dawid

swati.jadhav · January 29, 2025, 4:33am

Hi,

Thanks for getting back to me. We’d like to proceed with Option 2, as it gives us more control over the UI and allows us to use Auth0 APIs directly.

I do have a few questions:
In our system, users first log in with a username and password. Once validated, we want to enforce MFA based on specific flags. To authenticate using MFA, we understand that a token needs to be passed with the request. Could you outline the steps or APIs required to integrate MFA with Auth0? Also, which approach would you recommend for this implementation?

Looking forward to your guidance.

swati.jadhav · January 30, 2025, 5:24am

Referring to this post, I tried creating MFA token with /authorize API along with audience and scopes. But somehow its not working. I am getting unauthorized / service not registered error. Could you please help?

curl --location 'https://procore-poc.us.auth0.com/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImJTbTJNUDJMeW8tM1dtdmpjRlJrYyJ9.eyJpc3MiOiJodHRwczovL3Byb2NvcmUtcG9jLnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJvc3dzTzZBR1RiU3RVOXNqcUxoU0tMTEhHTVF6QTdJN0BjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9wcm9jb3JlLXBvYy51cy5hdXRoMC5jb20vYXBpL3YyLyIsImlhdCI6MTczODIwNTIyOSwiZXhwIjoxNzM4MjkxNjI5LCJzY29wZSI6InJlYWQ6Y2xpZW50X2dyYW50cyBjcmVhdGU6Y2xpZW50X2dyYW50cyBkZWxldGU6Y2xpZW50X2dyYW50cyB1cGRhdGU6Y2xpZW50X2dyYW50cyByZWFkOnVzZXJzIHVwZGF0ZTp1c2VycyBkZWxldGU6dXNlcnMgY3JlYXRlOnVzZXJzIHJlYWQ6dXNlcnNfYXBwX21ldGFkYXRhIHVwZGF0ZTp1c2Vyc19hcHBfbWV0YWRhdGEgZGVsZXRlOnVzZXJzX2FwcF9tZXRhZGF0YSBjcmVhdGU6dXNlcnNfYXBwX21ldGFkYXRhIHJlYWQ6dXNlcl9jdXN0b21fYmxvY2tzIGNyZWF0ZTp1c2VyX2N1c3RvbV9ibG9ja3MgZGVsZXRlOnVzZXJfY3VzdG9tX2Jsb2NrcyBjcmVhdGU6dXNlcl90aWNrZXRzIHJlYWQ6Y2xpZW50cyB1cGRhdGU6Y2xpZW50cyBkZWxldGU6Y2xpZW50cyBjcmVhdGU6Y2xpZW50cyByZWFkOmNsaWVudF9rZXlzIHVwZGF0ZTpjbGllbnRfa2V5cyBkZWxldGU6Y2xpZW50X2tleXMgY3JlYXRlOmNsaWVudF9rZXlzIHJlYWQ6Y29ubmVjdGlvbnMgdXBkYXRlOmNvbm5lY3Rpb25zIGRlbGV0ZTpjb25uZWN0aW9ucyBjcmVhdGU6Y29ubmVjdGlvbnMgcmVhZDpyZXNvdXJjZV9zZXJ2ZXJzIHVwZGF0ZTpyZXNvdXJjZV9zZXJ2ZXJzIGRlbGV0ZTpyZXNvdXJjZV9zZXJ2ZXJzIGNyZWF0ZTpyZXNvdXJjZV9zZXJ2ZXJzIHJlYWQ6ZGV2aWNlX2NyZWRlbnRpYWxzIHVwZGF0ZTpkZXZpY2VfY3JlZGVudGlhbHMgZGVsZXRlOmRldmljZV9jcmVkZW50aWFscyBjcmVhdGU6ZGV2aWNlX2NyZWRlbnRpYWxzIHJlYWQ6cnVsZXMgdXBkYXRlOnJ1bGVzIGRlbGV0ZTpydWxlcyBjcmVhdGU6cnVsZXMgcmVhZDpydWxlc19jb25maWdzIHVwZGF0ZTpydWxlc19jb25maWdzIGRlbGV0ZTpydWxlc19jb25maWdzIHJlYWQ6aG9va3MgdXBkYXRlOmhvb2tzIGRlbGV0ZTpob29rcyBjcmVhdGU6aG9va3MgcmVhZDphY3Rpb25zIHVwZGF0ZTphY3Rpb25zIGRlbGV0ZTphY3Rpb25zIGNyZWF0ZTphY3Rpb25zIHJlYWQ6ZW1haWxfcHJvdmlkZXIgdXBkYXRlOmVtYWlsX3Byb3ZpZGVyIGRlbGV0ZTplbWFpbF9wcm92aWRlciBjcmVhdGU6ZW1haWxfcHJvdmlkZXIgYmxhY2tsaXN0OnRva2VucyByZWFkOnN0YXRzIHJlYWQ6aW5zaWdodHMgcmVhZDp0ZW5hbnRfc2V0dGluZ3MgdXBkYXRlOnRlbmFudF9zZXR0aW5ncyByZWFkOmxvZ3MgcmVhZDpsb2dzX3VzZXJzIHJlYWQ6c2hpZWxkcyBjcmVhdGU6c2hpZWxkcyB1cGRhdGU6c2hpZWxkcyBkZWxldGU6c2hpZWxkcyByZWFkOmFub21hbHlfYmxvY2tzIGRlbGV0ZTphbm9tYWx5X2Jsb2NrcyB1cGRhdGU6dHJpZ2dlcnMgcmVhZDp0cmlnZ2VycyByZWFkOmdyYW50cyBkZWxldGU6Z3JhbnRzIHJlYWQ6Z3VhcmRpYW5fZmFjdG9ycyB1cGRhdGU6Z3VhcmRpYW5fZmFjdG9ycyByZWFkOmd1YXJkaWFuX2Vucm9sbG1lbnRzIGRlbGV0ZTpndWFyZGlhbl9lbnJvbGxtZW50cyBjcmVhdGU6Z3VhcmRpYW5fZW5yb2xsbWVudF90aWNrZXRzIHJlYWQ6dXNlcl9pZHBfdG9rZW5zIGNyZWF0ZTpwYXNzd29yZHNfY2hlY2tpbmdfam9iIGRlbGV0ZTpwYXNzd29yZHNfY2hlY2tpbmdfam9iIHJlYWQ6Y3VzdG9tX2RvbWFpbnMgZGVsZXRlOmN1c3RvbV9kb21haW5zIGNyZWF0ZTpjdXN0b21fZG9tYWlucyB1cGRhdGU6Y3VzdG9tX2RvbWFpbnMgcmVhZDplbWFpbF90ZW1wbGF0ZXMgY3JlYXRlOmVtYWlsX3RlbXBsYXRlcyB1cGRhdGU6ZW1haWxfdGVtcGxhdGVzIHJlYWQ6bWZhX3BvbGljaWVzIHVwZGF0ZTptZmFfcG9saWNpZXMgcmVhZDpyb2xlcyBjcmVhdGU6cm9sZXMgZGVsZXRlOnJvbGVzIHVwZGF0ZTpyb2xlcyByZWFkOnByb21wdHMgdXBkYXRlOnByb21wdHMgcmVhZDpicmFuZGluZyB1cGRhdGU6YnJhbmRpbmcgZGVsZXRlOmJyYW5kaW5nIHJlYWQ6bG9nX3N0cmVhbXMgY3JlYXRlOmxvZ19zdHJlYW1zIGRlbGV0ZTpsb2dfc3RyZWFtcyB1cGRhdGU6bG9nX3N0cmVhbXMgY3JlYXRlOnNpZ25pbmdfa2V5cyByZWFkOnNpZ25pbmdfa2V5cyB1cGRhdGU6c2lnbmluZ19rZXlzIHJlYWQ6bGltaXRzIHVwZGF0ZTpsaW1pdHMgY3JlYXRlOnJvbGVfbWVtYmVycyByZWFkOnJvbGVfbWVtYmVycyBkZWxldGU6cm9sZV9tZW1iZXJzIHJlYWQ6ZW50aXRsZW1lbnRzIHJlYWQ6YXR0YWNrX3Byb3RlY3Rpb24gdXBkYXRlOmF0dGFja19wcm90ZWN0aW9uIHJlYWQ6b3JnYW5pemF0aW9uc19zdW1tYXJ5IGNyZWF0ZTphdXRoZW50aWNhdGlvbl9tZXRob2RzIHJlYWQ6YXV0aGVudGljYXRpb25fbWV0aG9kcyB1cGRhdGU6YXV0aGVudGljYXRpb25fbWV0aG9kcyBkZWxldGU6YXV0aGVudGljYXRpb25fbWV0aG9kcyByZWFkOm9yZ2FuaXphdGlvbnMgdXBkYXRlOm9yZ2FuaXphdGlvbnMgY3JlYXRlOm9yZ2FuaXphdGlvbnMgZGVsZXRlOm9yZ2FuaXphdGlvbnMgY3JlYXRlOm9yZ2FuaXphdGlvbl9tZW1iZXJzIHJlYWQ6b3JnYW5pemF0aW9uX21lbWJlcnMgZGVsZXRlOm9yZ2FuaXphdGlvbl9tZW1iZXJzIGNyZWF0ZTpvcmdhbml6YXRpb25fY29ubmVjdGlvbnMgcmVhZDpvcmdhbml6YXRpb25fY29ubmVjdGlvbnMgdXBkYXRlOm9yZ2FuaXphdGlvbl9jb25uZWN0aW9ucyBkZWxldGU6b3JnYW5pemF0aW9uX2Nvbm5lY3Rpb25zIGNyZWF0ZTpvcmdhbml6YXRpb25fbWVtYmVyX3JvbGVzIHJlYWQ6b3JnYW5pemF0aW9uX21lbWJlcl9yb2xlcyBkZWxldGU6b3JnYW5pemF0aW9uX21lbWJlcl9yb2xlcyBjcmVhdGU6b3JnYW5pemF0aW9uX2ludml0YXRpb25zIHJlYWQ6b3JnYW5pemF0aW9uX2ludml0YXRpb25zIGRlbGV0ZTpvcmdhbml6YXRpb25faW52aXRhdGlvbnMgcmVhZDpzY2ltX2NvbmZpZyBjcmVhdGU6c2NpbV9jb25maWcgdXBkYXRlOnNjaW1fY29uZmlnIGRlbGV0ZTpzY2ltX2NvbmZpZyBjcmVhdGU6c2NpbV90b2tlbiByZWFkOnNjaW1fdG9rZW4gZGVsZXRlOnNjaW1fdG9rZW4gZGVsZXRlOnBob25lX3Byb3ZpZGVycyBjcmVhdGU6cGhvbmVfcHJvdmlkZXJzIHJlYWQ6cGhvbmVfcHJvdmlkZXJzIHVwZGF0ZTpwaG9uZV9wcm92aWRlcnMgZGVsZXRlOnBob25lX3RlbXBsYXRlcyBjcmVhdGU6cGhvbmVfdGVtcGxhdGVzIHJlYWQ6cGhvbmVfdGVtcGxhdGVzIHVwZGF0ZTpwaG9uZV90ZW1wbGF0ZXMgY3JlYXRlOmVuY3J5cHRpb25fa2V5cyByZWFkOmVuY3J5cHRpb25fa2V5cyB1cGRhdGU6ZW5jcnlwdGlvbl9rZXlzIGRlbGV0ZTplbmNyeXB0aW9uX2tleXMgcmVhZDpzZXNzaW9ucyBkZWxldGU6c2Vzc2lvbnMgcmVhZDpyZWZyZXNoX3Rva2VucyBkZWxldGU6cmVmcmVzaF90b2tlbnMgY3JlYXRlOnNlbGZfc2VydmljZV9wcm9maWxlcyByZWFkOnNlbGZfc2VydmljZV9wcm9maWxlcyB1cGRhdGU6c2VsZl9zZXJ2aWNlX3Byb2ZpbGVzIGRlbGV0ZTpzZWxmX3NlcnZpY2VfcHJvZmlsZXMgY3JlYXRlOnNzb19hY2Nlc3NfdGlja2V0cyBkZWxldGU6c3NvX2FjY2Vzc190aWNrZXRzIHJlYWQ6Zm9ybXMgdXBkYXRlOmZvcm1zIGRlbGV0ZTpmb3JtcyBjcmVhdGU6Zm9ybXMgcmVhZDpmbG93cyB1cGRhdGU6Zmxvd3MgZGVsZXRlOmZsb3dzIGNyZWF0ZTpmbG93cyByZWFkOmZsb3dzX3ZhdWx0IHJlYWQ6Zmxvd3NfdmF1bHRfY29ubmVjdGlvbnMgdXBkYXRlOmZsb3dzX3ZhdWx0X2Nvbm5lY3Rpb25zIGRlbGV0ZTpmbG93c192YXVsdF9jb25uZWN0aW9ucyBjcmVhdGU6Zmxvd3NfdmF1bHRfY29ubmVjdGlvbnMgcmVhZDpmbG93c19leGVjdXRpb25zIGRlbGV0ZTpmbG93c19leGVjdXRpb25zIHJlYWQ6Y29ubmVjdGlvbnNfb3B0aW9ucyB1cGRhdGU6Y29ubmVjdGlvbnNfb3B0aW9ucyByZWFkOnNlbGZfc2VydmljZV9wcm9maWxlX2N1c3RvbV90ZXh0cyB1cGRhdGU6c2VsZl9zZXJ2aWNlX3Byb2ZpbGVfY3VzdG9tX3RleHRzIHJlYWQ6Y2xpZW50X2NyZWRlbnRpYWxzIGNyZWF0ZTpjbGllbnRfY3JlZGVudGlhbHMgdXBkYXRlOmNsaWVudF9jcmVkZW50aWFscyBkZWxldGU6Y2xpZW50X2NyZWRlbnRpYWxzIHJlYWQ6b3JnYW5pemF0aW9uX2NsaWVudF9ncmFudHMgY3JlYXRlOm9yZ2FuaXphdGlvbl9jbGllbnRfZ3JhbnRzIGRlbGV0ZTpvcmdhbml6YXRpb25fY2xpZW50X2dyYW50cyIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyIsImF6cCI6Im9zd3NPNkFHVGJTdFU5c2pxTGhTS0xMSEdNUXpBN0k3In0.LO_ZRmV6lvVRBmt3M6dLSK_RRq3hM--3DBsQEhRIOo7mGNRdZdkcJ4K_vybyycCX_InAG38lmStS5KbNmGJdGr3Z5KRnX8tY68RqYc8NI2nA__UawgFTkG4J81_j2OiR84X1flGwGoQxMlSHDZSAtXac9RPSx5HKajFa7hFz4wb-eFjd5CJY3EbeeouDdIvIBaGVcLYbJLW6jJz0Ldo6Uiru--t9hm-mFnkyfnbodt9fd9wOPysGeO0V_w5-sQOBUK6fIzdOG87LlpEH4mUF5-wdyHYz4DM8yLiFJIHKh2sDEXbRB0Q_QEyOKNmLIXsswM6aXcaRjof3Vzgq2X6Adw' \
--header 'Cookie: _cfuvid=2Ba65M1SVWByu7LbXuHwII9CKCH.1r8t.ePISzujpRQ-1738045146104-0.0.1.1-604800000; auth0=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQM9bkGk9TfDwCdWN7YwItWHOgTAg5n7__QIbdqVc6JrRSEjKk7b0S17qGvhFP19Ekk1la2_O_hafto885lIXyBemY29va2llg6dleHBpcmVz1_8hI-MAZ53IBK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.RlAb%2B4bbel7ltKkevIW%2F9vqKSJVOtS5n4gEAPFFwqDU; auth0_compat=s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQM9bkGk9TfDwCdWN7YwItWHOgTAg5n7__QIbdqVc6JrRSEjKk7b0S17qGvhFP19Ekk1la2_O_hafto885lIXyBemY29va2llg6dleHBpcmVz1_8hI-MAZ53IBK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.RlAb%2B4bbel7ltKkevIW%2F9vqKSJVOtS5n4gEAPFFwqDU; did=s%3Av0%3A47fea5fa-c7cc-46fc-aa64-eb5f523f7df1.7sTeQLnVJfhCzZeeP1OSCou5cUELmpBe5KtpWfLKl2k; did_compat=s%3Av0%3A47fea5fa-c7cc-46fc-aa64-eb5f523f7df1.7sTeQLnVJfhCzZeeP1OSCou5cUELmpBe5KtpWfLKl2k' \
--data '{
    "grant_type": "client_credentials",
    
    "audience": "https://procore-poc.us.auth0.com/mfa/",
    "client_id": "oswsO6AGTbStU9sjqLhSKLLHGMQzA7I7",
    "client_secret": "NEJecgKn5z33K6JFsLvVg2NApChc2m2APy4eAgNHlA2dDk4EMxbKtDtpAAAPeaug",
    "scope": "enroll read:authenticators delete:authenticators"
    
    
}'

Topic		Replies	Views
How flexible can I get regarding customize new universal login page? Help auth0 , api , management-api , new-universal-login	3	2261	December 21, 2022
Custom MFA Screens Through Library Help auth0 , mfa	1	3860	February 4, 2021
Custom MFA page w/o using widget Help mfa , mfa-api	0	835	July 26, 2023
Customize MFA screen with other HTML elements Help mfa , mfa-api	2	48	September 2, 2024
Customize the UI of the MFA text page Help	3	3535	August 26, 2019

Guidance on Customizing Authentication & MFA Pages

Related topics