I’ve created a React SPA using the ‘Create Application’ feature in getting started. I’ve enabled One-Time Password only in the MFA settings and added http://localhost:3000 to Allowed Callback URLs, Allowed Web Origins and Allowed Logout URLs in the application settings. The MFA works fine up to the point of successful authentication using Authy OTP, but when it tries to redirect to my desired ‘redirect_uri’ which is simply http://localhost:3000 a 401 is returned via /mf?provider=guardian&state=… with ‘Unauthorized’ in the top left corner.
Hello Sophia!
I would first recommend if you are using any social providers, to get the dev keys for those social providers. The auth0 dev key for social connections has severe limitations.
If you continue to experience issues, could you provide your tenant name and would it be possible to provide a HAR file in a private message? You can find instructions on how to create them here: Generate and Analyze HAR Files