Manage the Authenticators for Multi-factor Authentication

Auth0 provides several API endpoints to help you manage the authenticators you're using with an application for multi-factor authentication (MFA).

Before you start

The MFA endpoints require an Access Token with:

  • audience: Set to https://YOUR_DOMAIN/mfa/
  • scope: Include enroll for enrollment, read:authenticators to list authenticators, and remove:authenticators to delete authenticators.

For example:

List Authenticators

To get a list of the authenticators a user has associated and can be used with your tenant, you can make the appropriate call to the /mfa/authenticators endpoint:

You should receive information about the authenticator type(s) in the response:

Delete Authenticators

To delete an associated authenticator, send a delete request to the /mfa/authenticators/AUTHENTICATOR_ID endpoint (be sure to replace AUTHENTICATOR_ID with the relevant authenticator ID).

If the authenticator was deleted, a 204 response is returned.