Auth0 Home Blog Docs

Multiple Guardian enrollments

guardian
enrollment
mfa

#1

Is it possible to have multiple Guardian enrollments for a single user?
The API is capable of giving me all enrollments for a user. However, when I trigger an enrollment ticket via the Guardian API, I can only authenticate with my present enrollment. It does not trigger a new enrollment process.
Would it be possible to have other enrollments besides a Guardian enrollment? If not, then why does the API call return a list of enrollments for the user?


#3

:wave: @jonas we can have multiple enrollments supported in Guardian with the new MFA api in the case where we are interacting with /oauth/token endpoint. When using /authorize flow, the enrollment will continue to support one enrollment.

For the list of enrollments, if you are referring to the /api/v2/users/{id}/enrollments endpoint you will see one enrollment. The new MFA api has a /mfa/authenticators endpoint that allows you to obtain a list of associated authenticators.


#4

@kim.noel
thanks for responding. I noticed your blog post introducing the new MFA API. It may cover my use case but I have yet to really play with it.
In any case, I’m now able to really judge what is possible which makes it a lot easier.


#5

@jonas great! Feel free to contact us, or DM me, if in the future you have any specific use cases you want to evaluate.