Create Auth Session

NOTE: In order for the session cookie to be set properly this API needs to be redirected to from the browser. The redirect URL should use the vanity domain of the tenant that the session is associated to.

Creates a new auth session for the user and returns a response containing a redirect to the appropriate location. The response will also include the session cookie.

The redirect URL that gets returned will resolve in the following order:

• If the MFA challenge flow was triggered by an OAuth 2 authorization request, then the redirect URI specified in the OAuth 2 authorization request is returned.
• If the MFA challenge flow was triggered by a workflow that had a custom redirect URL configured, then the custom redirect URL is returned.
• If a client ID was passed to the request that triggered the MFA challenge flow and a client login URL is defined, then the client's login URL is returned.
• Otherwise, the application login URL is returned.