Maybe I looked in the wrong places, but I didn't find anything in your documentation about how the MFA options can be configured.
My questions are the following:
- is it possible to enforce both SMS and email verification, i.e., that both occur, not just one of them?
- is it possible to configure at what point in the flow these verifications occur?
- if not, do these verifications occurs at the end of the registration flow, or how does the registration flow look specifically?
Thanks for your help!