Issue re-enrol user after reset MFA

Hi,

I’m getting issue when trying to re-enrol user MFA after resetting his/her MFA.
It works when re-enrolling the user into authenticator OTP but it keeps on throwing the following error message when I tried with SMS OTP:
Seems that you have already enrolled, try logging in again from the application.

Steps to reproduce:

  1. User is enrolled for OTP
  • email_verified attribute is set to true
  1. Perform Reset MFA on the Auth0 Management Page
  2. Create new MFA Enrollment ticket using the following command:
    management.guardian.tickets.create({
    user_id: ‘{userId}’,
    send_mail: true
    });
  3. User click the link and select SMS as the OTP.

Any idea what could be the issue? Would the mobile number require to be unique that no user would share the same mobile number?

Thanks,

Santo

Here is how I set it up:
uses a custom database login script. where it always set the email_verified property to true.

Once I set the email_verified to false, the SMS OTP is working, but now I have lost ability to OTP using email…

My plan is to always enable email and recovery code but allow user to pick one of the mains - either authenticator or SMS.

Thanks,

I’m having the same issue as well. My situation:

Observation: Check OTP, Email, and SMS for MFA in dashboard

  1. Reset MFA for user with verified email
  2. Login as normal through the universal login page
  3. OTP prompt shows up, but click “I prefer SMS”
  4. Add phone number
  5. Says I’m already enrolled and I should login to the app

If I login to the app, I’m going to get prompted with the MFA setup. If I use OTP it works ok. I just wanted the option for my user to be able to use all 3 options if he’d like.

Current workaround:

Disable email MFA as that’s giving a enrollmentConflict error message from https://auth0.com/docs/universal-login/multifactor-authentication

Update: It isn’t working because I’m using classical login page. I think if you use the new login page and enable the 3 of them, it will work. Not sure because I haven’t tested it out.

Hey vermvfx,

I’ve always been using new login so I’m guessing the result would be similar…
I have turned SMS off for the time being …

Santo

I forgot my MFA recovery code. Help me.

You need to follow this procedure:

https://community.auth0.com/t/account-locked-mfa-resets-requests/22920/3