How to Get User's MFA Factor Details On First Login

Problem statement

When a user signs up and logs in for the first time, they are prompted to complete an MFA enrollment.

Is it possible to get the MFA factor, such as SMS MFA details, automatically sent back to the application once the user completes MFA enrollment?

Solution

Auth0 does not support this use case out of the box. A user is prompted for MFA after all extensibility has been run, so there is not an opportunity to leverage Actions to add any MFA enrollment information to outgoing tokens.

A potential solution, depending on the application configuration, would be to make a separate API request for this information once the user is returned to the application. This request, made by the application, would be to the Management API’s user MFA enrollment endpoint.

NOTE: This call would require that the application have a secure backend in order to first get a Management API access token via the Client Credentials Flow and then make the subsequent request. If the application is native or a SPA and cannot securely make a client credentials call, review the option provided in this Community post to call the Management API securely.