How can I force the user to be challenged by push notification

Hello,

I want to force the user to complete a push challenge in certain conditions once they are already logged in. So far this is what I have:

```js
const axios = require('axios');

// Inside an Express route handler; req.oidc is the session from express-openid-connect
app.post('/push-challenge', (req, res) => {
  const options = {
    method: 'POST',
    url: `${AUTH0_URL}/mfa/challenge`,
    data: {
      client_id: process.env.CLIENT_ID,
      client_secret: process.env.CLIENT_SECRET,
      challenge_type: 'oob',
      authenticator_id: req.body.pushID,
      // the logged-in user's access token is what I am passing as the mfa_token
      mfa_token: req.oidc.accessToken.access_token,
    },
  };

  axios.request(options).then(function (response) {
    console.log(response.data);
    res.send(response.data);
  }).catch(function (error) {
    console.error(error.response ? error.response.data : error);
    res.status(500).send('challenge failed');
  });
});
```

I think the issue is that I am not getting the right token and that it doesn’t have the right scopes. How can I request the correct token with the right scopes?

Hi @richardb,

Thank you for your post and sorry for the late reply.

In order to achieve this you can follow the ROPG (Resource Owner Password Grant) with MFA flow.

Firstly please make sure that you enable the MFA grant type for your application from Auth0 Dashboard > Applications > Advanced Settings > Grant Types.

The request made has to be similar to this:

```js
const axios = require('axios');

const options = {
  method: 'POST',
  url: 'https://{yourTenantName}.us.auth0.com/oauth/token',
  headers: {'content-type': 'application/x-www-form-urlencoded'},
  data: new URLSearchParams({
    grant_type: 'password',
    username: 'user@example.com',
    password: 'pwd',
    client_id: '{yourClientId}',
    client_secret: '{yourClientSecret}',
    audience: 'https://someapi.com/api',
    scope: 'openid profile read:sample'
  })
};

// With the MFA grant type enabled, a user who has to complete MFA gets a
// 403 mfa_required response whose body carries the mfa_token for the next step.
axios.request(options)
  .then((response) => console.log(response.data))
  .catch((error) => console.error(error.response ? error.response.data : error));
```

Afterwards you can follow our documentation on how to Enroll and Challenge Push Authenticators.

Otherwise your approach can get a bit trickier, so I would recommend checking out this community post.

Another option would be implementing your custom login within Actions and challenge the user for a push notification, with examples here.

I hope this helped.
Thanks,
Remus
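The whole exchange Remus points at, as an added example that is not code from this thread or from Auth0: password grant, then the `mfa_required` error that carries the `mfa_token`, then listing authenticators, sending the push challenge, and polling the `mfa-oob` grant until the user answers. The point the original question turns on is visible in step 3: the `mfa_token` the challenge endpoint expects is the one returned in the `mfa_required` error, not the session's access token. The endpoint paths, parameter names, the grant_type URI and the error codes are Auth0's documented ones; the injected `http` transport, `FakeTenant`, the sample ids and token strings, and the polling budget are constructed for this example so it runs offline.

```javascript
// Added example (not code from the original thread or from Auth0): the ROPG +
// MFA push flow, end to end, with the HTTP transport injected so the exchange
// can be walked through offline against a scripted fake tenant. Endpoint paths,
// parameter names, the mfa-oob grant_type and error codes are Auth0's documented
// ones; the `http` interface, FakeTenant and all ids/tokens are constructed here.
const MFA_OOB_GRANT = 'http://auth0.com/oauth/grant-type/mfa-oob';
const FORM = { 'content-type': 'application/x-www-form-urlencoded' };
const form = (fields) => new URLSearchParams(fields).toString();

// `http.post(url, body, headers)` / `http.get(url, headers)` resolve to
// { status, data } and must not throw on 4xx. With axios, for example:
//   post: (url, body, headers) => axios.post(url, body, { headers, validateStatus: () => true })
async function loginWithPush(cfg) {
  const { http, domain, clientId, clientSecret, username, password, audience, scope } = cfg;
  const sleep = cfg.sleep || ((ms) => new Promise((r) => setTimeout(r, ms)));
  const intervalMs = cfg.intervalMs ?? 5000;      // assumed poll interval
  const maxPolls = cfg.maxPolls ?? 24;            // assumed budget: 24 x 5 s
  const base = `https://${domain}`;
  const creds = { client_id: clientId, client_secret: clientSecret };

  // 1. Password grant. When MFA is required the tenant answers 403 mfa_required
  //    and hands back a short-lived mfa_token instead of tokens.
  let res = await http.post(`${base}/oauth/token`,
    form({ grant_type: 'password', username, password, audience, scope, ...creds }), FORM);
  if (res.status === 200) return { mfaUsed: false, tokens: res.data, polls: 0 };
  if (res.data.error !== 'mfa_required') throw new Error(`login failed: ${res.data.error}`);
  const mfaToken = res.data.mfa_token;

  // 2. List authenticators (the mfa_token is the bearer here) and pick the active
  //    Guardian push one: authenticator_type "oob" with oob_channel "auth0".
  res = await http.get(`${base}/mfa/authenticators`, { authorization: `Bearer ${mfaToken}` });
  const push = res.data.find((a) => a.authenticator_type === 'oob' && a.oob_channel === 'auth0' && a.active);
  if (!push) throw new Error('no active push authenticator enrolled');

  // 3. Send the push. The returned oob_code binds the polling below to this challenge.
  res = await http.post(`${base}/mfa/challenge`,
    { ...creds, challenge_type: 'oob', authenticator_id: push.id, mfa_token: mfaToken },
    { 'content-type': 'application/json' });
  if (res.status !== 200) throw new Error(`challenge failed: ${res.data.error}`);
  const oobCode = res.data.oob_code;

  // 4. Poll the mfa-oob grant. authorization_pending = user has not answered yet;
  //    anything else (access_denied on reject, an expired token) ends the flow.
  for (let polls = 1; polls <= maxPolls; polls++) {
    res = await http.post(`${base}/oauth/token`,
      form({ grant_type: MFA_OOB_GRANT, ...creds, mfa_token: mfaToken, oob_code: oobCode }), FORM);
    if (res.status === 200) return { mfaUsed: true, tokens: res.data, polls };
    if (res.data.error === 'authorization_pending') { await sleep(intervalMs); continue; }
    if (res.data.error === 'slow_down') { await sleep(intervalMs * 2); continue; }
    throw new Error(`push challenge failed: ${res.data.error}`);
  }
  throw new Error('push challenge timed out');
}

// Scripted stand-in for the tenant (constructed responses in the documented shapes).
// approveAfter = number of pending polls before the user taps Allow; -1 = user taps Deny.
class FakeTenant {
  constructor({ approveAfter }) { this.approveAfter = approveAfter; this.pending = 0; this.log = []; }
  async get(url, headers) {
    this.log.push(url);
    if (!url.endsWith('/mfa/authenticators') || headers.authorization !== 'Bearer mfa_tok_1') {
      return { status: 401, data: { error: 'invalid_token' } };
    }
    return { status: 200, data: [
      { id: 'email|dev_e1', authenticator_type: 'oob', oob_channel: 'email', active: true },
      { id: 'push|dev_p1', authenticator_type: 'oob', oob_channel: 'auth0', active: true },
    ] };
  }
  async post(url, body) {
    this.log.push(url);
    const p = typeof body === 'string' ? Object.fromEntries(new URLSearchParams(body)) : body;
    if (url.endsWith('/mfa/challenge')) {
      if (p.mfa_token !== 'mfa_tok_1' || p.authenticator_id !== 'push|dev_p1') return { status: 400, data: { error: 'invalid_grant' } };
      return { status: 200, data: { challenge_type: 'oob', oob_code: 'oob_code_1' } };
    }
    if (p.grant_type === 'password') {
      return { status: 403, data: { error: 'mfa_required', error_description: 'Multifactor authentication required', mfa_token: 'mfa_tok_1' } };
    }
    if (p.grant_type === MFA_OOB_GRANT) {
      if (p.mfa_token !== 'mfa_tok_1' || p.oob_code !== 'oob_code_1') return { status: 400, data: { error: 'invalid_grant' } };
      if (this.approveAfter < 0) return { status: 403, data: { error: 'access_denied', error_description: 'User rejected the push' } };
      if (this.pending++ < this.approveAfter) return { status: 400, data: { error: 'authorization_pending' } };
      return { status: 200, data: { access_token: 'at_after_push', token_type: 'Bearer', expires_in: 86400 } };
    }
    return { status: 400, data: { error: 'unsupported_grant_type' } };
  }
}

// Drive the flow against the fake tenant with no real waiting between polls.
async function demo(approveAfter) {
  const http = new FakeTenant({ approveAfter });
  const cfg = { http, domain: 'example.us.auth0.com', clientId: 'cid', clientSecret: 'csecret',
    username: 'user@example.com', password: 'pwd', audience: 'https://someapi.com/api',
    scope: 'openid profile read:sample', sleep: async () => {} };
  try { return { ok: true, ...(await loginWithPush(cfg)), calls: http.log.length }; }
  catch (e) { return { ok: false, error: e.message, calls: http.log.length }; }
}

demo(2).then((r) => console.log(JSON.stringify(r)));
```

`demo(2)` returns the tokens after three polls (two pending, one approved) and six requests in total; `demo(-1)` ends with `push challenge failed: access_denied`. Swapping `FakeTenant` for a thin axios wrapper (with `validateStatus: () => true`, so 4xx bodies reach the caller) is all that changes for a real tenant; the `mfa_token` and `oob_code` are single-use and short-lived, so keep them in the one request flow rather than storing them in the session.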
