I was thinking to set up another Auth0 Application, and use that to authenticate for these areas of our site.
Then we can manage users between the two spaces. Its not idea, but it should work.
Are there any reasons it wont, or is a terrible idea?
The other idea I had was to implement MFA locally to our server, and use Auth0 to store encryption keys for that data… but its not ideal