We have OpenDJ LDAP with basic LDAP schema.
We are using some built in field (mobile) to map if the user needs to do MFA process (mobile = 0, no MFA needed, and mobile =1, MFA required)
We want to lazy migrate the users to Auth0 (when user loggs in first time, we connected to our LDAP via Auth0 LDAP connector). We can transfer the field via profile mapper, however, we cannot get this field in the actions event.user object, and make action MFA decision based on that, since this considered a “custom” field, and we either need to some how replicate it to user_metadata or find another approach to make this group of users to go in MFA process inside Auth0.
One of the approaches we considered is to create ORG and put all users that requires MFA, and just put MFA on org level (every1 in the org == MFA required). What is the best practice for this (when custom LDAP external field used), and we are talking about lazy migration, not bulk sync