Custom MFA via Actions and ROP Flow Does Not Return an mfa_token

rueben.tiow · April 26, 2024, 7:16pm

Problem statement

Within Multi-factor Auth settings in the dashboard:

If Always is selected, the following response is received with an mfa_token in the response:

{
"error": "mfa_required",
"error_description": "Multifactor authentication required",
"mfa_token": "Fe26.2*SERVER…"
}

Customizing MFA by adding an Action to Login Flow via methods in this document.

The following response has been received. There is no mfa_token in the response.

{
"error": "mfa_required",
"error_description": "Multifactor authentication required",
}

This is a known limitation, and a solution should be released in the foreseeable future.

Topic		Replies	Views
Not able to refresh token if mfa is eanbled (Error: mfa_required) Help mfa , one-time-password-otp-factor	6	3887	April 7, 2023
Not able to login 1st time when mfa is enabled gettiing error (mfa_required) Help mfa , mfa-api	4	934	November 1, 2023
MFA Challenge 'server_error' 'Unauthorized' Help token , auth0 , mfa , mfa-sms	7	3065	December 22, 2022
How to build custom MFA pages Help mfa , mfa-api	6	1959	April 27, 2023
Post-login action and MFA Help mfa , mfa-prompt-new-experience	3	481	May 24, 2024