Trigger Step-Up authentication with Auth0 Lock

I want to add Step-Up authentication to my SPA using Auth0 Lock. I added a custom rule to trigger MFA when sending acr_values, as described here.

  • Unfortunately the embedded lock widget always shows “something went wrong when attempting to log in”.
  • The corresponding error in the Auth0 logs says “Multifactor authentication required”

When doing the same flow via redirect requests (without Auth0 Lock) it works exactly as expected, i.e. Auth0 asks for my MFA code only, then redirects back to my app. Is there a way to achieve the same using the embedded Auth0 Lock widget?

(Please note that I want to deliberately ask for the user’s MFA code and only the code, even if they already authenticated before – no silent authentication)

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?