Hello!
My question is almost identical to this topic: Cannot get desired scope from react-auth0 getAccessTokenWithPopup
I’m following the documentation for configuring step-up auth. In my react app, I’m attempting to use getAccessTokenWithPopup to call the /authorize endpoint, like this:
import { useAuth0 } from '@auth0/auth0-react';
const { getAccessTokenWithPopup } = useAuth0();
return (
<Button
use={ButtonUse.Primary}
onClick={(): void => {
const token = getAccessTokenWithPopup({
cacheMode: 'off',
authorizationParams: {
prompt: 'login',
acr_values: 'http://schemas.openid.net/pape/policies/2007/06/multi-factor',
},
});
console.log('token', token);
}}
>
Click me to step up
</Button>
);
The popup shows a login form as expected, but my custom action isn’t catching the acr_value, and isn’t prompting for MFA. When I debug the token at jwt.io, it doesn’t show any amr or acr values.
What am I missing?