I’m currently using Auth0 APIs to perform MFA on users by utilising Resource Owner Password Flow. I’m currently able to enrol User in MFA and verify the code.
But when I’m trying to use mfa/challenge API, it gives me error.
{
"error": "invalid_grant",
"error_description": "Malformed mfa_token"
}
Not Sure what could be the issue, Please help here.
Welcome to the Auth0 Community!
I’ve checked our community for similar topics, and one stands out for me → Malformed mfa_token message when trying to challenge an user with MFA - #11 by tyf
Basically, it seems that in order to get a void MFA token for
/mfa/challenge, we must use ROPG.The
/authorizeendpoint with the audience and scopes is not enough, since once I pass the login there, I’m already considered login and haveaccess_token, which allows me to enroll new MFA methods, but cannot be used as MFA token for the/mfa/challengeendpoint.
Let me know if this helps you.
Thanks
Dawid
Nope its not working, I’m using ROPG, Can you please let me know what should be scope and audience URI to generate MFA Token for this. Currently I’m using
Audience URI: <BASE_URL>/mfa
Scope: enroll read:authenticators remove:authenticators openid profile read:current_user
Endpoint: <BASE_URL>/oauth/token