Silent Authentication not working in MFA enabled session

Gokulanathan.R · July 23, 2025, 8:01am

I have implemented MFA with email challenge in post action login. When user refresh the browser, React auth0 component method getTokenSilently() throws exception that ‘Error fetching access token: Fm: Multifactor authentication required’.

Implemented the solution from Auth0 documentation and Auth0 community topic suggestions. The solution not works for us.

Auth0 documentation:
exports.onExecutePostLogin = async (event, api) => {
const authMethods = event.authentication?.methods ||

const completedMfa = !!authMethods.find((method) => method.name === ‘mfa’)

if (!completedMfa) {
api.multifactor.enable(‘any’, { allowRememberBrowser: true })
}
};

Solution from exsiting topic in Auth0 community:

exports.onExecutePostLogin = async (event, api) => {

if(event.authentication) {
console.log(event.authentication)
if (event.authentication.methods.find(({ name }) => name === ‘mfa’) ) {
console.log(‘mfa already passed, disabling for this login attempt’)
api.multifactor.enable(“none”);
}
} else {
console.log(‘no authentication methods recorded’, event)
}
};

We tried above solution in trigger order prior as well as next to Post login action of MFA challenge. The solution not working.

remus.ivan · July 24, 2025, 4:50pm

Hi @Gokulanathan.R,

Welcome to the Auth0 Community!

When you set “Always Require MFA” in the Tenant MFA settings, Auth0 will unconditionally force MFA before your Actions run, even on silent authentication, so firstly please make sure that the MFA policy is set to “never” and so that the action will be the one running the logic for the mfa implementation.

When it comes to your first code snippet the allowRememberBrowser must be set to false . If the user chooses to remember the browser for 30 days, the ‘MFA’ value will not be present in the array, which will conflict with the expected behavior of this action.

This should do the trick, but in case it doesn’t it would be great if you could also send me a private dm with the tenant name that you have encountered the issue on.

Best regards,
Remus

Topic		Replies	Views
Failed Silent Authentication - Multifactor Authentication Required Issue Knowledge Articles	1	137	February 28, 2025
Silent auth failed during signup due to "Multifactor Authentication Required" Error Get Help login-experience , new-universal-login-experience	1	499	April 24, 2024
What is the correct way to require MFA for ONLY auth0 connections? Get Help mfa , mfa-api	3	2693	January 11, 2023
Workaround for MFA error when using getAccessTokenSilently with React Get Help auth0-react , sdks-quickstarts	3	2158	April 26, 2023
Auth0 SPA silent auth failing due to SMS MFA Get Help login-experience , new-universal-login-experience	2	241	July 3, 2024

Silent Authentication not working in MFA enabled session

Related topics