I am trying to have an alternate MFA with guardian if SMS isn’t working for the user. I would like to use OTP by email if the user can’t validate with the oob code sent by SMS. However, when I submit the OTP code sent by email, I get this error:
MFA Error: The user does not support the requested challenge type (OTP). Supported type: oob.
All the endpoints seem correct, when i call /mfa/challenge I indicate challenge type as “oob otp” but I am still receiving the error. Any help would be appreciated, I can provide more details of the flow if necessary.