I am using Laravel 5.6 with Auth0 hosted login page. I have enabled MFA.
What I want to achieve is to use the Management API to create users using the standard email and password login connection type and then prompt the user if they would like MFA for extra security. Users are stored in both my DB and Auth0. Therefore, is it possible for the login lock to only request the email address, search the user and depending on whatever flag I can set somewhere (maybe user metadata) to then either prompt for a password or initiate MFA?
Is the user Meta data a place to use as the flag to determine if the user requires MFA? I don’t know.
Do I need to move from Auth0 hosted login to my own domain to achieve this? I don’t know.