@auth0/nextjs-auth0 - v4.15.0
    Preparing search index...

    Class MfaRequiredError

    Thrown when getAccessToken requires MFA step-up authentication.

    This error is thrown during token refresh when Auth0 returns mfa_required. The mfa_token property contains an encrypted token that can be used with Auth0's MFA API to complete the authentication challenge.

    The mfa_token is encrypted using the SDK's cookie secret for security. The raw token from Auth0 is never exposed to application code.

    Supports two consumption paths with identical shape:

    1. Direct SDK call: properties accessed on error instance
    2. HTTP API route: Response.json(error) uses toJSON() automatically
    import { getAccessToken, MfaRequiredError } from "@auth0/nextjs-auth0/server";

    try {
      const { token } = await getAccessToken({ audience: "https://api.example.com" });
    } catch (error) {
      if (error instanceof MfaRequiredError) {
        // Redirect to MFA challenge page
        redirect(`/mfa?token=${error.mfa_token}`);
      }
      throw error;
    }

    Auth0 MFA API

    Hierarchy (View Summary)

    Index

    Constructors

    constructor

    Properties

    cause? code error error_description mfa_requirements? mfa_token

    Methods

    toJSON

    Constructors

    • Parameters

      • error_description: string

        Error description from Auth0

      • mfaToken: string

        Encrypted MFA token (constructor param uses camelCase)

      • OptionalmfaRequirements: MfaRequirements

        MFA requirements from Auth0 (constructor param uses camelCase)

      • Optionalcause: Error

        Underlying error

      Returns MfaRequiredError

      Constructor parameters use camelCase (mfaToken, mfaRequirements) for consistency with SDK conventions, but they are assigned to snake_case properties (mfa_token, mfa_requirements) to match Auth0 API response format.

    Properties

    cause?: Error
    code: string = "mfa_required"
    error: string = "mfa_required"

    Original Auth0 error code

    error_description: string

    Original Auth0 error description

    mfa_requirements?: MfaRequirements

    MFA requirements indicating available challenge/enrollment methods

    mfa_token: string

    Encrypted MFA token to pass to MFA API methods.

    Methods

    • Serialize error for HTTP responses. Called automatically by Response.json() and JSON.stringify(). Ensures both SDK and HTTP API consumers get identical shape.

      Returns {
          error: string;
          error_description: string;
          mfa_requirements?: MfaRequirements;
          mfa_token: string;
      }

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Methods