Mfa_token is not returning when login via Resource Owner Password post method

Hi guys, try to login with a user that have MFA enabled
so i expect to get mfa_token in the response
i worked with this guide LINK
but the POST is just returning

  access_token: 'eyJhbGc...',
  id_token: 'eyJhbGci...',
  scope: 'openid profile',
  expires_in: 86400,
  token_type: 'Bearer'

this is the code

var options = {
    method: 'POST',
    url: 'https://<NAME>',
    headers: {'content-type': 'application/x-www-form-urlencoded'},
    data: new URLSearchParams({
        grant_type: 'password',
        username: 'USER',
        password: 'PASS',
        scope: 'openid profile read:sample',
        client_id: '...25h...',
        client_secret: '...70GX-xe...'

axios.request(options).then(function (response) {
}).catch(function (error) {

Hello @avivmam welcome to the community!

Can you confirm what you mean by a user that has MFA enabled? The fact that tokens are being returned here leads me to believe that MFA has not been enabled on your tenant and thus applications - I recommend taking a look at the following doc and confirming whether or not it’s been enabled:

Hope this helps!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.