i did like this,
curl --request POST
–url ‘https://our_domain/oauth/token’
–header ‘content-type: application/x-www-form-urlencoded’
–data grant_type=http://auth0.com/oauth/grant-type/mfa-otp
–data ‘client_id=client_id’
–data client_secret= client_secret
–data ‘mfa_token=token_given_from_last_curl_command’
–data ‘otp=otp’