Prompt MFA based on user Meta Data

I am using Laravel 5.6 with Auth0 hosted login page. I have enabled MFA.

What I want to achieve is to use the Management API to create users using the standard email and password login connection type and then prompt the user if they would like MFA for extra security. Users are stored in both my DB and Auth0. Therefore, is it possible for the login lock to only request the email address, search the user and depending on whatever flag I can set somewhere (maybe user metadata) to then either prompt for a password or initiate MFA?

Since I am using Auth0 hosted login, I am not confident using javascript so any help on what changes need to be made where would be greatly appreciated!

Is the user Meta data a place to use as the flag to determine if the user requires MFA? I don’t know.
Do I need to move from Auth0 hosted login to my own domain to achieve this? I don’t know.

Thank you!

I cannot seem to edit the post. Changes to the request is to continue to allow Auth0 to prompt username/password and based on a flag of the user will the MFA be initiated or not is what I am trying to achieve.

Possible to get an update from anyone? I believe this question is isolated to updating the user meta data with MFA?

I think what you are looking for (conditional MFA) is documented in the two links below:

https://auth0.com/docs/multifactor-authentication/user-initiated-mfa

1 Like

Legend! So many docs on different mechanics on MFA and just missed this one vital piece. It all makes sense.

Thanks again mate.

1 Like