How to verify phone number without passwordless and MFA

Hi ,

In our system, users can login with their email address and password, and change their profile in personal page in their browser.
If users change their profile like name, phone number, etc, the metadata collected in Auth0 would be updated by management API.

Then, I have one question.
When users change their phone number, we want to let users confirm their phone number.
How should we do to achieve this point?
We think that the process would be below.
1: Users enter their new phone number.
2: SMS tied to new phone number would be sent to users.
3: Users enter the verification code provided via SMS.
4: Their phone number would be changed from old one to new one.

In my opinion, users don’t use their phone number to login, but just verifying their phone number.Therefore, we think that we don’t have to use the function such as passwordless authentication, and multiple factor authentication.
What do you think about this topic?

Thanks

1 Like

Hi @canvas.future.paymen,

If the phone number isn’t part of the authentication or authorization process, it could be handled outside of Auth0. Auth0 doesn’t provide a feature for strictly verifying phone numbers, all phone interaction is tied to part of authentication, like passwordless or MFA as you’ve mentioned.

You could store this data within Auth0, in the user’s profile, but you will need to work out the verification flow you’ve described.

Hope that helps!

Hi Dan,

Thanks for your reply.
Well noted. I will refer your advice.
Many thanks!

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.