MFA Actions - WebAuthn

vaishnavi.santhosh · January 7, 2026, 3:56am

I have the below code in Post login Action:

const hasWebAuthn = enrolledFactors.some(f => f.type === ‘webauthn-platform’);
if (hasWebAuthn) {

// Challenge with WebAuthn

console.log(‘webauthn-platform challenge’);

api.authentication.challengeWith({ type: ‘webauthn-platform’ });

} else {

// Enroll with WebAuthn

console.log(‘webauthn-platform enable’);

api.authentication.enrollWith({ type: ‘webauthn-platform’ });

}

As seen above, its pretty straightforward. But I would like to understand why when enrollWith runs, the options of Skip or Remind me later doesn’t show up. When MFA actions isn’t enabled, then the default biometric template shows the options.

Am i missing any other configuration? Please help.

Thanks!

remus.ivan · January 7, 2026, 6:46pm

Hi @vaishnavi.santhosh,

Welcome to the Auth0 Community!

This is actually the expected outcome in both scenarios, as I have tested this as well.

The reason why you are observing this behavior when enabling MFA via the Dashboard is because the WebAuthn with Device Biometrics for MFA can not be used as a stand alone MFA factor, so users must first enroll in a “traditional” method such as an Authenticator App or SMS. Auth0 tries asking users to “Log in faster on this device” after they’ve already completed another MFA factor (like SMS), thus the “Remind me later” option.

As described in the above mentioned documentation:

When you enable WebAuthn with Device Biometrics, Auth0 will try to progressively enroll all of an end-user’s WebAuthn-capable devices.

This outlines the Progressive Enrollment process, while this MFA factor is an optional addition in the meantime.

On the other hand, when using Actions for enabling MFA for your users, the api.authentication.enrollWith() type methods explicitly enforce users to go through the specified MFA factor. Given that the system treats it as a mandatory instruction, the users can not choose to “Skip” this step.

A related article on the matter could be this one - Making MFA Enrollment Optional.

I hope this helps and if you have further questions please let me know.
Best regards,
Remus

Topic		Replies	Views
'webauthn-platform' not included in MfaEnrollFactorType in mfa-factors library Get Help mfa , webauth-factor	2	21	December 26, 2025
Auth0 trigger > post login: User can skip webauth enrollment by clicking "No thanks" and the next subsequent action is called Get Help mfa , webauth-factor	4	137	January 21, 2025
Redirect to webauthn-platform enrollment Get Help login-experience , new-universal-login-experience	3	684	May 3, 2024
WebAuthn with FIDO Device Biometrics for MFA in Beta Announcements auth0 , mfa , announcements , biometrics , webauthn	3	3738	April 15, 2021
April 29 Auth0 Community Ask Me Anything: Multi-Factor Authentication (MFA) Community AMA Series	14	799	May 15, 2025

MFA Actions - WebAuthn

Related topics