I’ve responded on the other thread: Default /mfa/ audience's token expiration time
This cannot be bypassed today. Feel free to add a note in our feedback page with your use case if you feel this should be configurable: Auth0: Secure access for everyone. But not just anyone.