Great I could help!
Just to provide more information on the matter, that error is being thrown because in order for a user to be able to enroll into a new MFA factor, an MFA token is required.
If you attempt to enroll an user without having them log in or undergo an MFA challenge, this token will be missing and the error will be thrown. Because of that, if you wish to basically “bypass” a login process or an MFA challenge, you would need a custom implementation in which you generate the MFA token for the user and enroll them using the Authentication API.
Kind Regards,
Nik