Multi factor authentication enrollment without prompting user for phone number?

Going by the reference documentation if you use Auth0.js SDK to start a login flow through universal login you would only need to ensure that you include the MFA API audience when doing the request. The likely consideration is that if you’re already requesting an audience (for example, for your own API) this would imply you would need to do a separate request as you can only request a single audience per request.

However, although it may require an additional request it’s likely the user would not have to authenticate again as the second one would be satisfied by the existing session and could likely be completed without interaction.

1 Like