Hi,
I tried to use the MFA Email factor and it worked the first time (login, enroll authenticators, and confirm authenticators).
But it failed when I tried a second time, with an error about 2 attributes, multifactor_last_modified and multifactor:
{
  "error": "access_denied",
  "error_description": "Payload validation error: 'Additional properties not allowed: multifactor_last_modified,multifactor (consider storing them in app_metadata or user_metadata. See \"Users Metadata\" in https://auth0.com/docs/api/v2/changes for more details)'."
}
The expected result should be JSON with an error message of mfa_required.
I enabled 2FA via a Rule with this code:
function multifactorAuthentication(user, context, callback) {
  /*
  You can trigger MFA conditionally by checking:
  1. Client ID:
  context.clientID === 'REPLACE_WITH_YOUR_CLIENT_ID'
  2. User metadata:
  user.user_metadata.use_mfa
  */
  if (context.clientID === 'm2tMUuWeq3RoLk8CQGJmC4jnziuFoY2b') {
    context.multifactor = {
      provider: 'any',
      // optional, defaults to true. Set to false to force authentication every time.
      // See https://auth0.com/docs/multifactor-authentication/custom#change-the-frequency-of-authentication-requests for details
      allowRememberBrowser: false
    };
  }
  callback(null, user, context);
}
Configuration on Tenant: (Never, so that the Rule will be applied by Application)
Configuration on Application:
I’ve checked the log and saw that there is an “Api update user” after the challenge was successfully confirmed. It seems that this update causes the error.
Can you please help me see whether I missed something? Or how can I overcome this issue?