Our application is invite-only, and we are achieving this following the Auth0 Invite-only tutorial. When a user clicks on the “change password” link received in an email and sets a password, the user also needs to enrol for SMS authentication. In the this form, the user chooses whatever phone number to enrol. Is it possible to lock this field with a predefined phone number from the user metadata or something similar?
Alternatively, it would be nice to check that the enrolled phone number matches the one registered when creating the user. However, the phone number is partially masked when retrieving it using the Management API, so it seems we cannot automate this task.
Is there a way to achieve what we want?