Enabling MFA in Auth0 for a single client application

John Wheeler
4 min read · Sep 27, 2021

Cartoon by Phil Johnson for MIT

Auth0 provides MFA as an additional license add-on to several of its plans. If you didn't build your initial authentication and authorization strategy with MFA, you need to consider how you plan to perform enrollment and enforce its use.

You could flip the big switch and require all client connections to use MFA.

Depending on the maturity of your deployment, this may be the right option. Topcoder has been using Auth0 for some time with dozens of applications, which requires a bit more planning before flipping the big switch.

Phased approach

To better understand the enrollment process and any other operational issues, we've decided to enable MFA on a few individual client applications that are configured to allow Auth0 to function as an IdP.

This approach requires 3 steps:

  1. Create a rule that uses client metadata.
  2. Enable multi-factor options that you can support.
  3. Add metadata to the client application.
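
A sketch of the rule from step 1, added here as an example and not the author's or Topcoder's own rule. It uses the Auth0 Rules `context.clientMetadata` and `context.multifactor` properties; the metadata key `require_mfa`, the function name and the sample contexts are assumptions made for illustration (in the Auth0 rule editor the function is anonymous).

```javascript
// Added example: Auth0 Rule that enforces MFA only for tagged applications.
// Assumption: the metadata key name "require_mfa" is hypothetical.
const MFA_METADATA_KEY = 'require_mfa';

function requireMfaForTaggedClients(user, context, callback) {
  // clientMetadata may be absent when an application has no metadata set,
  // so default to an empty object instead of throwing inside the rule.
  const metadata = context.clientMetadata || {};

  // Application metadata values are stored as strings, so compare to 'true'.
  // Anything else (missing key, 'false', typos) leaves the login unchanged,
  // which keeps the rollout limited to explicitly tagged clients.
  if (metadata[MFA_METADATA_KEY] === 'true') {
    context.multifactor = {
      provider: 'any',             // any factor enabled for the tenant (step 2)
      allowRememberBrowser: false  // prompt for the second factor on every login
    };
  }

  return callback(null, user, context);
}

// Constructed harness: runs the rule against a sample context and returns
// the resulting context so the MFA decision can be inspected offline.
function simulateLogin(clientMetadata) {
  const context = { clientName: 'sample-app', clientMetadata };
  let resultContext = null;
  requireMfaForTaggedClients({ user_id: 'auth0|sample' }, context, (err, user, ctx) => {
    if (err) throw err;
    resultContext = ctx;
  });
  return resultContext;
}

// Constructed sample inputs: tagged client, untagged client, no metadata at all.
const samples = [{ require_mfa: 'true' }, { require_mfa: 'false' }, undefined];
for (const sample of samples) {
  const mfaRequired = Boolean(simulateLogin(sample).multifactor);
  console.log(JSON.stringify(sample), '-> MFA required:', mfaRequired);
}
```

Step 3 then amounts to adding the key with the value `true` to the metadata of each application being brought into the rollout.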
