I have a SPA application, and from what I can tell the http://auth0.com/oauth/grant-type/mfa-otp grant is not available when using Organizations. We want to build a way for our users to manage their MFA, but from the docs I don’t think this is possible without the mfa grant.
I tried to add the otp mfa grant type through the management api but I got an error message that it conflicted with organization login being required.
I’ve been referencing this
Hi @brady.dean
Thanks for getting in touch with us at Auth0 Community.
Are you able to try setting your organization settings in the application to Both as below:
You would then need to pass in the organization_id into the /authorize request to login in the context of an organization.
Maybe this will work for you.
Warm regards.
Our product exclusively uses organizations, we do not have sign-ins outside of organizations.
Hi @brady.dean
You can configure your application to always use the organization_id by always passing it into the /authorize request so every login is in the context of an organization.
If you wanted to keep the “Team members of organizations” selected then you may be able to solve the problem by having a separate app just for managing MFA that doesn’t use Organizations, once the user has passed MFA then return to your main application.
Warm regards.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
