MFA association keeps failing

I’m using the Rest API in order to support MFA in my organization.
I did the oauth/token request successfully and got a “mfa_token”
Then, I moved to the second phase,
On the following Association request:
curl -X POST
-H ‘Postman-Token: 2c87fd21-e1e5-48b8-979d-91d9b01307d5’
-H ‘cache-control: no-cache’
-H ‘content-type: application/json’
-d ‘{
“authenticator_types”: [“oob”],
“oob_channel” : “sms”,
“phone_number” : “+972509567058”,
“client_id”: “XXXXXXX”,
“client_secret”: “XXXXXXX”,
“mfa_token” : “Fe26.2**XXXX”

I’m getting the following response:
Multi-factor authentication keeps failing with error:
“error”: “invalid_grant”,
“error_description”: “The mfa_token provided is invalid. Try getting a new token.”
,Even though the token was created successfully.

I’ll add that also the “otp” authenticator_type is not supported as well.

Am I doing anything wrong???


1 Like

The mfa_token should be placed in the header rather than in the request body.

const headers = {
‘Content-Type’: ‘application/json’,
Authorization:  `Bearer ${data.mfa_token}`

const bodyParams = {
  authenticator_types: ['oob'],
  oob_channels: ['sms'],
  client_id: clientId,
  client_secret: clientSecret,
  phone_number: phoneNumber
1 Like

Thank you a lot fo sharing that knowledge with the rest of community @WillVill!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.