A bit baffled on this one,
after toggling on:
I now see:
{"error":"invalid_grant","error_description":"Invalid authorization code"}
When performing the login. I have walked through the flow line by line, and nothing has changed, except the request now errors out.
Is there something I need to pass in from the returned code and state? I see the code is properly passed into the request after the redirect from MFA, but when its enabled, it now fails.
When I turn off the policy, it works fine.
I am using vue-auth0
Code looks something like this:
const ap = {
redirect_uri: ruri(),
audience: `https://${auth0InitOptions.audience}/api/v2/`,
}
if (queryParams?.organization) {
ap.organization = queryParams?.organization;
}
if (queryParams?.invitation) {
ap.invitation = queryParams?.invitation;
}
const auth0Plugin = createAuth0({
domain: auth0InitOptions.domain,
clientId: auth0InitOptions.clientId,
useCookiesForTransactions: true,
authorizationParams: ap,
})
app.use(auth0Plugin);
try {
debugger;
await auth0Plugin.handleRedirectCallback();
} catch (err) {
debugger;
console.warn(err)
} finally {
try {
await delay(400) // short delay for token check
debugger;
await auth0Plugin.getAccessTokenSilently();
debugger;
I know from other threads the common errors is the authorization code is:
expired
issues to another client
does not match the redirect URI
However, all of these cases can be ruled out, because it works fine if I just toggle off MFA. There is something with the MFA policy that is causing the issue.