Description:
This feature enables two-factor authentication (2FA) for partners/employees inside Auth0. It configures a setting in the Auth0 UI that requires users to set up 2FA upon login.
Behavior:
After login, the user must set up 2FA.
If the user already has 2FA set up, they are prompted for the unique code on subsequent logins.
Users can still log in using their email and password.
The email address is designated as the primary key.
Upon enabling Auth0, users are prompted to enter their phone number on login attempts.
Session times remain the same as before the change.
Users are redirected to the login screen regardless of their session expiration time and prompted to add their phone number for 2FA.
Retro-Compatibility:
Legacy Auth functionality will be retro-compatibility tested to ensure it still works.
Notes:
A feature flag is currently off, but will be turned on after daily maintenance.
MFA plan upgrades may affect the implementation of this feature.