MFA Factors and Policy not prompting user to pick configured factor

araje · September 5, 2023, 10:35am

For my tenant I have configured multiple MFA factors (One Time Password and Email). In addition, under policy, I set “Require Multi-factor Auth” to Always. Under Additional Settings, I have set “Show MFA options” to enabled.

With these settings I was expecting the Universal Login plugin to show the user options on login just as it seems to indicate on the Admin portal

“If active, users will be prompted to choose a factor to enroll in. If inactive, user will be automatically prompted for a factor based on what is enabled and most secure.”

Am I doing something wrong or have I missed some more config to make this work as expected?

nathan.jenkins · September 6, 2023, 4:24pm

Hi @araje ,

This behaviour is expected since Auth0 doesn’t like Email being used as the only MFA Factor, this is because the email is not a true MFA Factor..
So even though you are requesting to see a list of options, Auth0 will automatically prompt for the OTP, unless you enable other Factors to be made available to the user.

Thanks!

system · September 20, 2023, 4:24pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.