How to show a message before forcing OTP enrollment in Universal Login?

Hi everyone,

We’re in the process of enhancing our MFA flow. Currently, most of our users are already enrolled with SMS as their MFA method. We’re now implementing OTP (Authenticator App) and want to transition all users toward using it for better security.

What we’re doing:

  • For new users, we already enforce OTP directly using api.authentication.enrollWith({ type: 'otp' }).
  • For existing users enrolled with SMS but not OTP, we plan to enforce OTP enrollment soon after a successful SMS login.

The challenge:

Before enforcing OTP enrollment, we’d like to show a message or confirmation prompt (e.g., “We’re migrating to OTP for better security — you’ll need to enroll now”) so users aren’t surprised when they hit the enrollment screen.

Ideally, this would be shown:

  • Inside Universal Login or the MFA flow itself
  • Without relying on custom JS injection or redirecting users to our own frontend

Is there any supported way to show this kind of notice or interstitial step before enforcing enrollment of a second factor (OTP) using Auth0’s New Universal Login?

Thanks in advance for your help!

Hi @dy.le, and welcome to the Auth0 Community!

Unfortunately, it is not currently possible to add a custom message to the enrollment flow without redirecting the user to a custom page. If you do consider redirecting the user, though, a post-login action that checks if the user has not yet been enrolled (using a flag in app_metadata) would be the best way to do it.

I hope this helps you, and don’t hesitate to ask more if something is unclear!

Sincerely,
Teodor.