Hi,
Is there a way to add MFA such as One-time Password or SMS (Only if user has configured one) when executing a forgot password flow?
Eg. this is the flow I am looking for:
- User clicks on forgot password
- User enters email
- User gets a verification email
- User clicks on verification link and gets redirected to Auth0 reset password page
- User first needs to authenticate using his default MFA provider
- If MFA is successful then user enters new password and saves it.
1 Like
At this time the reset password flow through universal login does not support the flow you mention; in other words, MFA won’t be prompted as part of that flow. If you haven’t done so already I would suggest you to leave your feedback (use case) through Auth0: Secure access for everyone. But not just anyone.. I know this is already being tracked in product backlog, but I don’t believe to be something on the immediate plans so the more feedback received the better product team can gauge demand and requirements.
1 Like
Hi,
Where can we see any updates/news on that topic?
We are also quite interested in this flow.
Thanks
Daniel
Are there any updates on this? We’re looking to implement the exact same thing
1 Like
Hello folks! Just an update here that we are actively working on this enhancement. Stay tuned for for upcoming announcements here and/or in the Auth0 Changelog.