Node-SFA error , User has already enabled MFA

abhisheksagu · October 19, 2023, 6:25am

Please provide the following details too when asking for help in this category:

SDK Version:
Verifier Details:
- Verifier Name:
- JWKS Endpoint:
- Sample idToken(JWT)

I tried to use node-sfa sdk to create a private key for a user by passing the JWT from my backend to the node-sfa sdk as done here in this latest node-sfa sdk at https://github.com/Web3Auth/web3auth-core-kit-examples/tree/main/node-sdk/node-backend-example

Now for some users (not all but a couple) , i am getting this error
{“name”:“WalletLoginError”,“code”:5000,“message”:“Custom. User has already enabled mfa, please use the @web3auth/web3auth-web sdk for login with mfa”}

Now user cannot enable MFA in our application since we haven’t given him any such option to do so. We did upgrade the node-sfa sdk to latest version 3.1.0 as stated in the example . The ethereum-provider library is updated too. So how come we still have this error for a few accounts and for the rest of them things are working smooth.

Please answer the following questions
1.) Why is this error occuring at all since as i said we don’t allow users to enable MFA in any way?
2.) How can we resolve this issue for now?
3.) How can we prevent this issue from happening in the future?

This would be a major issue in production even if it happens for a few users. So please help us resolve this issue ASAP , thanks.

vjgee · October 20, 2023, 4:47am

@abhisheksagu Thanks for your patience.

Your request has been forwaded to our Dev team and we will get back with further updates.

yashovardhan · October 20, 2023, 6:58am

Please share more details so that we can investigate.
Your client id, verifier, the user’s verifier id and possibly an idtoken for the respective user would be useful.

Also we want to make sure that the users are not using the same verifier somewhere else as well. If that’s the case MFA might have been enabled somehow.

Please share for all individual users it has happened to.

abhisheksagu · October 20, 2023, 7:32am

hi @yashovardhan , here are the details you asked for.

WEB3AUTH_CLIENT_ID=BM-NShQ_eCmPSR5_ocBQTRo2iAAfYgST8gOm3t8tUoh8mgfPLJXyJ1PTozVqePRuRA_KmhKzVLe2w2zc7qn2N0E
WEB3AUTH_VERIFIER_NAME=staging-axr-wallet
‘idToken’,
0|axr-api | ‘eyJ0eXAiOiJqd3QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjhWclhWcVRRbG1uX084X3g5Y2d4NVY0RElsNmR3TXlqYVA1REN4Q2JOcnMifQ.eyJzdWIiOiI0MjQiLCJuYW1lIjoic2hlaHphZDEwIiwiZW1haWwiOiJzaGVoemFkMTBAZ21haWwuY29tIiwicGhvbmVOdW1iZXIiOiIrOTcxNTI2MDU5MTE5IiwiZXhwIjoxNjk3ODczNDAzLCJpYXQiOjE2OTc3ODcwMDMsImlzcyI6Imh0dHBzOi8vYXBpLXN0YWdpbmcuYXhpcndhbGxldC5jb20iLCJhdWQiOiJheHItd2FsbGV0In0.HFWgpPFqcD0o1M2wV78ZExeP7iH0JPwwFXygPQ_VXtA1Yfp_jLlwBMoX9F-dKvbBeuLYrkON2dalGBItrZugBZKSQYG72B4z-pfiQ54bdCbw03R3FijiSfLKkd5O49Xm5x1DZ9Qqf2ouOkkQinRUY-KsQb_4bhkdN-bFDBkQXdmw4LJWToYWmPVvI79JFm7LcTDkQObmz69sceg1DmisS2yhH9Kw6eEV520sZrJXTOqBlkY37yPoah3dTrMJvd-KVhFJ4Q5jXl_3t4QtVakieFauIPw2OPoVlkemtJi9PwHafAdUa3YTK_chOW17oWqFeAi-dMx-oP98txGJ6GvynA’

Facing this mfa error for user with email shehzad10@gmail.com

abhisheksagu · October 23, 2023, 5:31am

hi @vjgee , @yashovardhan , any updates on this issue ?

abhisheksagu · October 25, 2023, 5:04am

hi @vjgee , @yashovardhan , any updates on this issue?

abhisheksagu · October 25, 2023, 12:09pm

hi @vjgee , @yashovardhan , we are getting more users with the same issue. How do we fix this ?

vjgee · October 25, 2023, 1:12pm

@abhisheksagu Our team are working on your issue and request you to be patient. We will get back when there is a meaningful update to share.