Silent auth failed during signup due to "Multifactor Authentication Required" Error

Hi,

I am encountering issues related to silent auth and multi-factor authentication during sign-up.

Note: Everything works fine without MFA.

Reproducible steps:

  1. Front-end: New User signs up to our app
  2. Auth0: Assign permissions via post login flow code and set claims
  3. Front-end: Refetch this token containing the new permissions claims via React hook (Updating User Profile · Issue #135 · auth0/auth0-react · GitHub)
 await getAccessTokenSilently({
    cacheMode: 'off',
  });

Without MFA: Works expected
With MFA: Multifactor authentication required error from Auth0 (latest version 2.2.4)

  • Please also note that when MFA is enabled for the app, I have set up MFA during sign up successfully

Since everything is working without MFA, I assume my flow code is good (it also makes no reference to MFA or anything related)

Issue resolved by utilizing the MFA flow action template for silent authentication

exports.onExecutePostLogin = async (event, api) => {
    // if the array of authentication methods is valid and contains a method named 'mfa', mfa has been done in this session already
    if (
        !event.authentication ||
        !Array.isArray(event.authentication.methods) ||
        !event.authentication.methods.find((method) => method.name === 'mfa')
    ) {
        api.multifactor.enable('any');
    }
};