I have Google Authenticator OTP MFA enabled for our app. When testing this, on my first login I was prompted with a qr code to scan. Next I was prompted to enter my access code. Everything worked fine and it authenticated and let me into the app. But, after logging out, when prompted to enter a new code, when I enter a valid code it keeps redirecting me back to having to enter a code, and not redirecting to the app. It does still recognize if an invalid code is entered. In the logs, it does also confirm that login and authentication was successful, so it does seem to be a redirect issue. Any suggestions? TIA!
Hi @jcastronovo,
Welcome to the Auth0 Community!
Are you seeing this issue persist across different browsers (chrome vs safari vs firefox etc.)
Have you tried an incognito window?
Thank you @dan.woda
I have only tested in chrome and incognito.
Can you try another browser?
Sorry, yes I tested in other browsers and the same thing is happening. Basically, I am being redirected to the app initially after entering a valid OTP code, but before anything renders at all it redirects me back to the OTP page
Would you please DM me a HAR of the transaction you are seeing?
We worked this out in a DM. It looks like this was a result of a conflict between the built-in MFA and a contextual MFA rule.