Initiates an MFA challenge, sending an OOB code via SMS, email, or push, or preparing for OTP entry. Required for all factor types except OTP, where it is optional.
Enrolls a new MFA authenticator (OTP, SMS, Voice, Email, or Push).
Returns the list of enrolled MFA authenticators for the current user, filtered by the challenge types stored in the MFA context.
Returns the available enrollment factors from the stored MFA context. A non-empty result means the user must enroll before they can authenticate.
Verifies an MFA challenge and returns raw tokens. The grant type is inferred
automatically from the provided field: otp, oobCode, or recoveryCode.
Angular auth state (isAuthenticated$, user$) is not updated automatically —
call getAccessTokenSilently() afterwards to reflect the new session.
Observable-based MFA API client exposed by
AuthService.mfa.This is the Angular counterpart of
MfaApiClientfrom@auth0/auth0-spa-js. All methods returnObservableinstead ofPromise.