Custom MFA with Email With Resource Owner Password Grant

mmohanan · July 7, 2020, 2:25pm

Hi,

I am trying to implement Custom MFA with Email. I have enabled mfa at the application level and added rules for that client application.
So while trying to authorize with AuthenticationApiclient (C#, auth0 nuget) using ResourceOwnerTokenRequest, it does throws me an error for mfa_required, but the mfa_token is not available in the ApiError object in the exception.

var result = client.GetTokenAsync(new ResourceOwnerTokenRequest
{
ClientId = auth0ClientId,
ClientSecret = auth0ClientSecret,
Audience = “https://domain.auth0.com/api/v2/”,
Scope = "openid profile ",
Realm = “Username-Password-Authentication”, // Specify the correct name of your DB connection
Username = “abcdefg@email.com”,
Password = “strong_password”,
});

While i do the similar stuff with http client and grant_type as “http://auth0.com/oauth/grant-type/password-realm”, i do receive the mfa_token in the response.

Any pointers will be helpful. Thanks in advance

dan.woda · July 9, 2020, 5:37pm

I tested this through Postman and am successfully getting an mfa_token returned. This makes me think it is an issue with the SDK.

Can you please create an issue in the repo?

Thanks,
Dan

mmohanan · July 13, 2020, 6:48am

Hey, just looked in to the existing issues and it was handled already by #376.
Seems like my nuget was old as it was an old existing poc.
Since release of nuget 7.0.3 this issue was resolved.
Thanks

dan.woda · July 13, 2020, 6:44pm

Thanks for updating the thread. Glad you figured it out.

dan.woda · July 28, 2020, 6:45pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.