We have enabled Phone message, Email as MFA factors. While requesting any sensitive scopes, I have a check in action to force user to complete MFA with any of the factors.
api.multifactor.enable("any");
I have a special case like
- Complete step-up authentication with EMAIL while changing phone number
- Complete step-up authentication with Phone message while changing email
How can I force user to select only given factor to completing step-up authentication?