I have toggled on the “Enable Adaptive MFA Risk assessment” switch in the " Multi-factor Authentication" section of my tenancy. As a result, I have started getting the riskAssessment object in my logs. I notice that the riskAssessment object has an overall confidence value, which seems to be determined by the confidence values of the four Assessor (NewDevice, ImpossibleTravel, UntrustedIP and PhoneNumber). I would like to know how Auth0 determines the overall confidence. I have tried looking through the data but I could not arrive at a formula that will satisfy all the data points.
Hi @ashish.jamthe1, and thank you for your question!
The Confidence Score is determined based on how well the user’s input matches the Assessors. However, due to security reasons, we cannot share specific details of how the overall score is calculated.
Please check out our docs if you haven’t already. Hopefully, it will shed some light on how the confidence score is determined.
Sincerely,
Teodor.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.