Hi there,
Unfortunately I’m quite stuck on this one, so I would like to get some help if possible. I’m trying to enrol a new MFA option via my NextJS application. I successfully connect to the MFA API and audience via the following call:
const response = await auth0.passwordGrant({
  username: session.user.email,
  password: req.query.password as string,
  audience: 'https://myamdax-dev.eu.auth0.com/mfa/',
  scope: 'openid enroll read:authenticators remove:authenticators',
});
This works: I get an MFA accessToken and I’m able to, for example, list the user’s authenticators via this call:
const response = await fetch(`${baseURL}/mfa/authenticators`, {
  headers: {
    Authorization: `Bearer ${mfaToken}`,
    'content-type': 'application/json',
  },
});
This works, also decoding my accessToken via jwt.io shows that I’m using the correct audience and scopes:
But the call to actually enrol the authenticator fails with a “500 Internal error”.
const response = await fetch(`${baseURL}/mfa/associate`, {
  method: 'POST',
  headers: {
    Authorization: `Bearer ${mfaToken}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    ...req.body,
  }),
});
The body sent contains:
authenticator_types: [ 'otp' ],
So I’m kinda out of options for this one, also because the error is not descriptive at all and I can’t find anything about it online. So all help would be appreciated. Hopefully I did not forget anything. Thanks
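Two local checks for the flow described in the post, as an added example that is not part of the original post and does not diagnose the 500 response: inspecting the MFA token's audience, scopes and expiry without pasting it into a website, and building the `/mfa/associate` body from an allow-list instead of forwarding `req.body` wholesale. All function names are hypothetical, the sample token is constructed, and the allow-list contains only the `otp` type shown in the post.

```javascript
// Added example, not code from the original post; all function names are hypothetical.

// Decode a JWT payload WITHOUT verifying the signature: for local inspection only.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Return a list of claim problems; an empty list means the claims look usable.
function checkMfaToken(token, expectedAudience, requiredScopes, nowMs = Date.now()) {
  const claims = decodeJwtPayload(token);
  const problems = [];
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud]; // aud may be a string or a list
  if (!aud.includes(expectedAudience)) problems.push('audience mismatch');
  const granted = new Set(String(claims.scope || '').split(/\s+/).filter(Boolean));
  for (const s of requiredScopes) {
    if (!granted.has(s)) problems.push(`missing scope: ${s}`);
  }
  if (typeof claims.exp === 'number' && claims.exp * 1000 <= nowMs) {
    problems.push('token expired');
  }
  return problems;
}

// Build the associate body from an allow-list rather than spreading `req.body`,
// so unexpected client-supplied fields never reach the MFA API.
const ALLOWED_TYPES = new Set(['otp']); // assumption: only the type used in the post
function buildAssociateBody(input) {
  const types = input && input.authenticator_types;
  if (!Array.isArray(types) || types.length === 0) {
    throw new Error('authenticator_types must be a non-empty array');
  }
  for (const t of types) {
    if (!ALLOWED_TYPES.has(t)) throw new Error(`unsupported authenticator type: ${t}`);
  }
  return JSON.stringify({ authenticator_types: types });
}

// Constructed, unsigned sample token so the example runs offline.
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(claims)}.constructed`;
}

const SAMPLE_AUDIENCE = 'https://myamdax-dev.eu.auth0.com/mfa/';
const sampleToken = makeSampleToken({ aud: SAMPLE_AUDIENCE, scope: 'openid enroll', exp: 4102444800 });
console.log(checkMfaToken(sampleToken, SAMPLE_AUDIENCE, ['enroll']));
console.log(buildAssociateBody({ authenticator_types: ['otp'], unexpected: 'dropped' }));
```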