MFA User Workflow

How to turn on MFA

1. Go to Security → Multi-factor Auth in the sidebar

2. Enable the following:

   1. One-time Password

   2. Email

   3. Recovery Code

3. Go to Auth Pipeline → Rules in the sidebar

4. Hit “Create” button

5. Pick “Multifactor Authentication” template

6. Make changes to fit your needs

7. Verify

Commit the changes to https://github.com/soulmachines/auth0-manual-configurations

Enable MFA for an organization

1. Go to Auth Pipeline → Rules

2. Click “Multifactor Authentication”

3. Add the organization id in array mfaEnabledOrgs and save

How to update Email MFA template

1. Go to Branding → Email Templates

2. Select “Verification code for Email MFA” from the dropdown

3. Make changes to fit your needs

4. Verify

Commit the changes to https://github.com/soulmachines/auth0-branding-customizations

How to reset MFA

1. Go to User Management → Users in the sidebar

2. Find the user

3. Reset MFA in either way:

   1. From Actions dropdown, select Reset Multi-factor

   2. Scroll down and find Multi-Factor Authentication section, click “Reset MFA”

After performing the steps above, Email MFA stays but we can leave it because we use email as primary identifier, there is no need to reset it.

Reset MFA internal workflow

The internal workflow for resetting MFA is the following:

1. Customer contacts support

2. Support contacts production auth0 admins (Hidenari / Kai / Tim)

3. Auth0 admins perform the reset

4. Support contacts customer