Multifactor Authentication | React | okta-auth-js

Architecture

Frontend - React (using the library okta-auth-js)
Backend - Java (Resource server, using the authorization server)

So I am able to verify email multifactor flow using the postman Okta API . When I use the existing code okta-auth-js - authClient.signIn(credentials),

After enabling th MFA on the application, i expect the transaction returned from the authClient.signIn(credentials), should have status
status: ‘MFA_REQUIRED’,
instead I get
status: ‘SUCCESS’ - which means authentication flow complete.

The login flow fails when we try to get the id_token with error - “login_required, error.description: The client specified not to prompt, but the client app requires re-authentication or MFA.”

So I am not really sure what I am missing.

Documentation I am refering - https://github.com/okta/okta-auth-js#transactionstatus

1 Like