Event.request.query is Overwritten Between Post-Login Actions after MFA Challenge

auth0.knowledge3 · September 30, 2024, 5:25pm

Overview

For a post-login action, when triggering an MFA challenge (api.authentication.challengeWith) the next action will not have the event.request object details anymore from the login request.

Applies To

Actions
Multifactor Authentication (MFA)

Solution

This is the expected behavior currently. This is due to a current limitation in Actions:

“A new event.request object is issued anytime an Action flow is suspended and then subsequently resumed (for example, due to a redirect or MFA challenge).”

Related References

Actions Limitations

Topic		Replies	Views
Event.authentication.methods Not Updating after MFA Has Been Completed Knowledge Articles multifactor	1	127	July 12, 2024
Post-login action and MFA Help mfa , mfa-prompt-new-experience	3	572	May 24, 2024
Challenge the User for MFA before a redirection in Actions Knowledge Articles actions , mfa-enablement , forms	1	38	November 1, 2024
Properties missing after MFA Help mfa , mfa-api	0	84	June 27, 2024
Incorrect documentation for post-login action event object Help mfa , one-time-password-otp-factor	6	213	September 13, 2024

Event.request.query is Overwritten Between Post-Login Actions after MFA Challenge

Overview

Applies To

Solution

Related References

Related topics