Hi, I am trying to integrate MFA in my own custom design. I want to gave the MFA access to user, they can decide whether they want MFA enabled or disables from their profile. Only users who have enabled MFA should have the MFA flow others should have the normal login flow. Can anyone assist me on this please.
Welcome to the Auth0 Community!
There isn’t a built-in feature to facilitate optional MFA, but that doesn’t mean it’s impossible!
You can leverage Actions to enforce custom MFA policy. Here’s an example of forcing MFA given a certain criteria.
You could Enroll and Challenge Email Authenticators from your app, then add a flag (for example
"mfa_enrolled":true) the user’s app_metadata and prompt for MFA in an action whenever you see that flag.
Let me know if you have any questions and we can look into it!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.