How to Disable MFA for Users Based on a Client Name or Client ID
Sep 10, 2025
Overview
This article describes how to disable Multifactor Authentication (MFA) for users based on their connection name or ID.
Applies To
- Multifactor Authentication (MFA) Actions
- Client Name
- Client ID
Solution
This requirement can be achieved by configuring a tenant and then using an Auth0 action.
- Ensure the tenant has Require Multi-factor Auth set to any option other than Never. For more information, please see Enable MFA in the Auth0 Dashboard.
- Then, override the behavior of the Require Multi-factor Auth setting in an Auth0 Login / Post Login Actions.
See an example code below:
exports.onExecutePostLogin = async (event, api) => {
const { client_id: app_id, name: app_name } = event.client;
const noMFA_ClientIds = ['client_id_1', 'client_id_2', 'client_id_3', 'client_id_4'];
const noMFA_Client_Names = ['client_Name_1', 'client_Name_2', 'client_Name_3', 'client_Name_4'];
const skipMFA = noMFA_ClientIds.includes(app_id) || noMFA_Client_Names.includes(app_name);
// disable MFA if skipMFA is true
if (skipMFA) api.multifactor.enable("none");
};
NOTE: This is a sample code. Please adapt and test code that fits the particular use case desired.
