Is there a way to add MFA such as One-time Password or SMS (Only if user has configured one) when executing a forgot password flow?
Eg. this is the flow I am looking for:
- User clicks on forgot password
- User enters email
- User gets a verification email
- User clicks on verification link and gets redirected to Auth0 reset password page
- User first needs to authenticate using his default MFA provider
- If MFA is successful then user enters new password and saves it.