MFA user has reached the maximum number of permitted authenticators

Problem Statement

In our tenant logs, we noticed multiple instances of the message Guardian - User has created the maximum amount of authenticators.

Cause

If a user doesn’t have a confirmed authenticator and hits a challenge endpoint, they will receive this error. This could be caused by multiple reasons, such as changes to the customized SMS/MFA hook.

Solution

Currently, the only way to resolve this issue is to perform an MFA Reset for each affected user.