Configure OTP Notifications for MFA

Auth0 supports one-time passwords (OTPs) as multi-factor authentication factors. In order for users to leverage OTPs, you first must enable them as an MFA factor in your Auth0 tenant.

Once enabled for your application, users can enroll in OTPs when accessing your application. To do so, they must install an authenticator application on their device, such as:

Auth0 Guardian (Google Play / App Store)
Authy (Google Play / App Store)
Google Authenticator (Google Play / App Store)
Microsoft Authenticator (Google Play / App Store)

User OTP workflow

When a user attempts to sign up through a Universal Login prompt, they are prompted to scan a QR code to enroll in OTPs.

Auth0 Guardian OTP QR code setup example

If the user's device is detected as a mobile device, Universal Login skips the QR code screen and instead displays an enrollment code directly in the prompt.

The temporary one-time password enrollment screen as displayed on a mobile device.

After a user has enrolled in OTPs, they can use OTPs to log in to your application. To do so, they first retrieve a one-time code from their preferred authenticator app.

Then, they enter the one-time code in the login prompt.

Learn more

Enroll and Challenge OTP Authenticators

Secure

Configure OTP Notifications for MFA

User OTP workflow

Learn more