MFA Authorization Error

A bit baffled on this one,

after toggling on:

I now see:

{"error":"invalid_grant","error_description":"Invalid authorization code"}

When performing the login. I have walked through the flow line by line, and nothing has changed, except the request now errors out.

Is there something I need to pass in from the returned code and state? I see the code is properly passed into the request after the redirect from MFA, but when its enabled, it now fails.

When I turn off the policy, it works fine.

I am using vue-auth0

Code looks something like this:

const ap = {
    redirect_uri: ruri(),
    audience: `https://${auth0InitOptions.audience}/api/v2/`,
  }

if (queryParams?.organization) {
    ap.organization = queryParams?.organization;
  }

  if (queryParams?.invitation) {
    ap.invitation = queryParams?.invitation;
  }

const auth0Plugin = createAuth0({
    domain: auth0InitOptions.domain,
    clientId: auth0InitOptions.clientId,
    useCookiesForTransactions: true,
    authorizationParams: ap,
  })
  app.use(auth0Plugin);

  try {
    debugger;
    await auth0Plugin.handleRedirectCallback();
  } catch (err) {
    debugger;
    console.warn(err)
  } finally {
    try {
      await delay(400) // short delay for token check
      debugger;
      await auth0Plugin.getAccessTokenSilently();
      debugger;

I know from other threads the common errors is the authorization code is:

expired
issues to another client
does not match the redirect URI

However, all of these cases can be ruled out, because it works fine if I just toggle off MFA. There is something with the MFA policy that is causing the issue.

Found the solution buried here:

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.