Guardian - Second factor authentication failed (totp)

Problem statement

I have enabled MFA One-time-password in my tenant, and display it with a rule based on an email address domain. It is working properly. But once I entered the 6-digit auth code, I was redirected to the App where I got a blank screen with an error.

Solution

This seems to be related to silent authentication. Rules are executed each time the user successfully authenticates, and that includes silent authentication.

You need to configure your Adaptive MFA rules to skip the MFA flow when the user has already confirmed MFA. You can read more about it here - Configure Silent Authentication.
Basically, update your rule along these lines:

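function (user, context, callback) {
  // Authentication methods already completed in this session, if any.
  let authMethods = [];
  if (context.authentication && Array.isArray(context.authentication.methods)) {
    authMethods = context.authentication.methods;
  }

  // True when the session already contains a completed MFA step.
  const completedMfa = !!authMethods.find((method) => method.name === 'mfa');

  // MFA already confirmed (e.g. during silent authentication): skip the challenge.
  if (completedMfa) {
    return callback(null, user, context);
  }

  // Otherwise request a second factor.
  context.multifactor = {
    provider: 'any',
    allowRememberBrowser: false
  };

  callback(null, user, context);
}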
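
The same skip combined with the email-domain condition from the problem statement, run locally against constructed contexts for a first login and a later silent authentication. This is an added example, not code from the original article or from Auth0: `MFA_DOMAINS`, `domainMfaRule`, `promptsForMfa` and the sample users and contexts are assumptions, and the rule is given a name only so it can be called outside the tenant.

```javascript
// Added example, not Auth0's code. MFA_DOMAINS, the function names and the
// sample users/contexts are constructed for illustration.
const MFA_DOMAINS = ['example.com']; // assumption: domains that must use MFA

function domainMfaRule(user, context, callback) {
  const email = typeof user.email === 'string' ? user.email.toLowerCase() : '';
  const at = email.lastIndexOf('@');
  const domain = at === -1 ? '' : email.slice(at + 1);
  if (!MFA_DOMAINS.includes(domain)) {
    return callback(null, user, context); // rule does not apply to this user
  }

  const auth = context.authentication;
  const methods = auth && Array.isArray(auth.methods) ? auth.methods : [];
  // Silent authentication re-runs the rule; a session that already
  // completed MFA lists it here, so do not challenge again.
  if (methods.some((m) => m.name === 'mfa')) {
    return callback(null, user, context);
  }

  context.multifactor = { provider: 'any', allowRememberBrowser: false };
  return callback(null, user, context);
}

// Run the rule against a constructed context; true means it requested MFA.
function promptsForMfa(user, context) {
  let prompted = false;
  domainMfaRule(user, context, (err, u, ctx) => {
    if (err) throw err;
    prompted = Boolean(ctx.multifactor);
  });
  return prompted;
}

const staff = { email: 'alice@example.com' }; // constructed user
const guest = { email: 'bob@other.test' }; // constructed user
const pwdOnly = () => ({ authentication: { methods: [{ name: 'pwd' }] } });
const pwdAndMfa = () => ({
  authentication: { methods: [{ name: 'pwd' }, { name: 'mfa' }] },
});

const scenarios = {
  firstLogin: promptsForMfa(staff, pwdOnly()),
  silentAfterMfa: promptsForMfa(staff, pwdAndMfa()),
  missingAuthBlock: promptsForMfa(staff, {}),
  otherDomain: promptsForMfa(guest, pwdOnly()),
};
console.log(scenarios);
```

A context with no `authentication` block falls through to the challenge, so the skip fails closed rather than silently dropping MFA.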