I’m using Resource Owner Password flow to get token for the user and have implemented a Post-Login action to only ask MFA for selective users.
exports.onExecutePostLogin = async (event, api) => {
const CLIENTS_WITH_MFA = [
'demo_client_id'
];
if (CLIENTS_WITH_MFA.includes(event.client.client_id)) {
api.multifactor.enable('any', {allowRememberBrowser: true});
}
};
But the allowRememberBrowser property doesn’t have any effect. I’m expecting it will not ask any MFA for the next 30 days but it asks each time.
What is required for this property to work as expected?