Hi ,
In our system, users can login with their email address and password, and change their profile in personal page in their browser.
If users change their profile like name, phone number, etc, the metadata collected in Auth0 would be updated by management API.
Then, I have one question.
When users change their phone number, we want to let users confirm their phone number.
How should we do to achieve this point?
We think that the process would be below.
1: Users enter their new phone number.
2: SMS tied to new phone number would be sent to users.
3: Users enter the verification code provided via SMS.
4: Their phone number would be changed from old one to new one.
In my opinion, users don’t use their phone number to login, but just verifying their phone number.Therefore, we think that we don’t have to use the function such as passwordless authentication, and multiple factor authentication.
What do you think about this topic?
Thanks