We have a requirement to use a custom email service.
This service embeds an email provider and exposes a POST endpoint which accepts custom parameters and when called builds an email with those parameters (and a pre-registered template) and sends the email.
We want to use MFA with email, generate the verification code within Auth0 and post the code to the email service.
I was wondering if such use case is achievable and if so how ?
While investigating I came across auth0-guardian.js/basic_widget.html at master · auth0/auth0-guardian.js · GitHub which, although relies on client-side scripts, appears to query specific /mfa endpoints to pass state across requests.
I also read Redirect Users from Within Rules which suggests any custom MFA flow can be done from a separate domain (is my understanding correct ?)
Any chance you could provide some guidance ?