I’m currently manually building a login flow that requires MFA enrollment. According to the documentation here → Common Auth0 Library Authentication Errors it looks like there are two separate error codes that can be returned when a user authenticates and MFA is required, the mfa_registration_required and mfa_required codes. The former is important for determining whether a user is already enrolled, but I for some reason the only code ever returned is mfa_required. Wondering if I’m missing something or if this feature is currently broken.
More info regarding my setup:
OTP is enabled as a second factor
MFA is being enforced via a Rule with the provider set to ‘any’.