Failed Silent Auth. Multifactor authentication required error

ashish.yadav · July 26, 2020, 3:05am

Hi,

I’m using auth0-react sdk in my react application and using universal login with MFA enabled.
After login/MFA if I don’t check “remember this device for 30 days” I get the following error

Type : Failed Silent Auth
Description : Multifactor authentication required

and get logged out of the application.

If I check the option “remember this device for 30 days” then everything works fines.
Based on my research silent auth fails when MFA is enabled. Is there any way to bypass this?

I followed Auth0 React SDK Quickstarts: Login to setup auth0 in my react app and based on Authorization Code Flow with Proof Key for Code Exchange (PKCE).
This is the easiest way to implement the Authorization Code Flow with PKCE.

What am I missing?

Thanks

ashish.yadav · July 27, 2020, 6:56am

Tried the mentioned rule in Configure Silent Authentication

function (user, context, callback) {
  const completedMfa = !!context.authentication.methods.find(
    (method) => method.name === 'mfa'
  );
 
  if (completedMfa) {
    return callback(null, user, context);
  }
 
  context.multifactor = {
    provider: 'any',
    allowRememberBrowser: false
  };
 
  callback(null, user, context);
}

but without any luck

emb · August 11, 2020, 4:03pm

Experiencing the same issue with an angular app. Implementing the rule that is referenced above and in a few places throughout the boards did not resolve the issue for me either.

ashish.yadav · August 11, 2020, 8:43pm

Hey @emb

I was able to resolve this by setting Require Multi-factor Auth to Never in the “Multi-factor Auth dashboard”.

Thanks,
Ashish

emb · August 12, 2020, 1:00am

Thanks a lot @ashish.yadav - That’s what I was missing. I appreciate the help.

konrad.sopala · August 12, 2020, 10:36am

Glad you have it eventually working!

system · August 27, 2020, 10:42am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.