To enable MFA, you toggle on the factors (such as push notifications or SMS) you choose to enable in the Dashboard on your tenant. Next, you perform any further setup required to configure that factor, and last, you choose whether you wish to force MFA for all users or not.
You can also customize your MFA flow with Auth0 rules, to allow MFA to only be required in specific circumstances or force a particular factor to be used.
To enable the factors you require, go to Dashboard > Multifactor Auth. Here you will find a series of toggles for the MFA factors supported by Auth0.
Any or all of these factors can be enabled simultaneously. When logging in the first time, the user will be shown the most secure factor available but will be allowed to choose another factor to use if you have more than one factor enabled in the Dashboard. The SMS and Duo factors require further setup. You will have to click on the factor and fill in a few further settings before continuing.
Under Policies, next to Require Multi-factor Auth, choose Always or Never. If set to Always, users will be able to use any of the factors enabled in the Dashboard.
Configure your factors.