I’ve implemented contextual multifactor for a specific application using either SMS or Google Authenticator and the Auth0 Hosted Pages which works great.
My issue is that I’ve been asked to give users options on whether they use SMS or Google Authenticator as their MFA preference at sign up. I have both options switched on in the MFA dashboard but it’s not clear from the documentation I’ve seen as to what I set provider to in my MFA Rule.
If I set provider: any the user is only offered Google Auth but we need them to be offered a choice
If you enable both OTP and SMS in the dashboard and set provider:any, you should get this when enrolling:
I assume you are not getting that, is that correct?
Unless you are conditionally setting the provider you can try removing all rules that set the multifactor provider field. The default behavior is ‘provider:any’.
I have both SMS and OTP enabled and a rule as follows:
let CLIENT = ['XXX....'];
if (CLIENT.indexOf(context.clientID) !== -1) {
context.multifactor = {
provider: 'any',
allowRememberBrowser: false
};
}
If I enable OTP that shows, if I turn OTP off, SMS shows but never the both together!
I’ve also disabled the custom rule and applied the Policy checkbox of 'Always require MFA" and the result is the same, if OTP is on, that’s the only option that shows. If just SMS is on, SMS shows.