teddy8
August 11, 2025, 1:21pm
1
Hi I’m trying to start adding MFA to my users via an action - I don’t want to enable it globally (yet).
As it stands users only have to enter their userid & password once per session, but are asked for MFA between each app.
if (event.user.app_metadata.mfa_required) {
api.multifactor.enable("any");
}
I’ve had success with this - but I would prefer to keep remember browser off if possible. I just want them to enter it once per session.
if (event.user.app_metadata.mfa_required) {
api.multifactor.enable("any", {allowRememberBrowser: true});
}
Hi @teddy8 ,
This community post should be of help.
Hi @s.kimura ,
Welcome to the Auth0 Community!
The enable() method turns on the ability to use email as an MFA method. This should be enabled from the dashboard at Security > Multi-factor Auth. If you want to customize which MFA factor challenges the user, you must set Require Multi-factor Auth to Never, and turn off MFA Risk Assessors.
[Screenshot 2025-08-06 at 6.21.21 PM]
Save, and then, at Additional Settings, turn on Customize MFA factors using Actions
[Screenshot 2025-08-06 at 6.24.36…
You can modify it for your specific use case inside of the Action. By using this method, you will be responsible for when exactly the MFA challenge will be triggered.
If you have any other questions, feel free to reach out!
Have a good one,