Feature: Extended or Configurable lifetime for Email MFA token.
Description: Similar to “Change Password (Link)” which has a “URL Lifetime” add a configurable field to “Verification Code for Email MFA”
Use-case: We rely on invite-only process for B2B relationships. Our customers commonly have employee turnover and Email MFA is the only MFA method (aside from SSO) that the Auth0 platform supports that is a factor the customers organization controls. (You lose access to your work email when your employment ends). User’s commonly complain about delays in receiving email that we have consistently tracked either aging infrastructure on the customers side, or inattention of the end user. To decrease from friction with our user base, and maintain our enforcement policies, I’m requesting that the Email MFA token lifetime is extended to, or can by configuration be extended to, 15 minutes.
Thank You