MFA user has reached the maximum number of permitted authenticators

Problem Statement

In our tenant logs, we noticed multiple instances of the message Guardian - User has created the maximum amount of authenticators.

Symptoms

The limit is 50 authenticators per user. This error will be thrown when a user becomes associated with this number of authenticators.

Cause

If a user doesn’t have a confirmed authenticator and hits a challenge endpoint, they will receive this error. This could be caused by multiple reasons, such as changes to the customized SMS/MFA hook.

Solution

Currently, the only way to resolve this issue is to perform an MFA Reset for each affected user.