Enable Multi-Factor Authentication
You can enable multi-factor authentication (MFA) for your tenant in the Auth0 Dashboard.
When you enable MFA, select the factors (such as push notifications or phone messages) you intend to make available to users and define a policy to determine when you require them to authenticate.
Auth0 supports a variety of factors you can enable for your users to complete authentication.
You must enable and configure at least one independent factor to require MFA for users on your tenant. You may enable multiple independent factors simultaneously as you’d like.
Available independent factors are:
You may enable one or more dependent factors once you’ve already enabled and configured at least one independent factor for users on your tenant.
Available dependent factors are:
Enable MFA in the Auth0 Dashboard
In the Factors section, enable and configure the factors you’d like to make available to users.
In the Define policies section, select a policy to determine when users will be prompted for MFA.
Never: MFA is not required for any logins.
Use Adaptive MFA: MFA is required based on Auth0 risk determination. To learn more, read Enable Adaptive MFA.
Always: MFA is required for all logins.
If you choose the Never or Always policy, the MFA Risk Assessors section appears. By default, the Enable Adaptive MFA Risk Assessment setting is disabled. Enable the toggle to assess and record risk for all login transactions in your tenant logs.
In the Additional Settings section, locate the Show Multi-factor Authentication options setting.
Enable this toggle to allow users to select authentication factors upon enrollment.
Disable this toggle to allow Auth0 to automatically select the most secure authentication factors upon enrollment.
Customize MFA flow
You can use Auth0 Actions to customize the MFA flow for users on your tenant. For example, you can create an Action to require MFA in specific circumstances, or to force a particular factor to be used.
To learn more, read Customize Adaptive MFA.