get https://{application_vanity_domain}/api/v1/mfa-challenge/create-auth-session
Redirect Required
Your application will need to redirect to this endpoint instead of making a direct API call.
Tenant Vanity Domain Required
When calling this API you need to use the vanity domain of the tenant that the user belongs to.
Creates a new auth session for the user and returns a response containing a redirect to the appropriate location. The response will also include the session cookie.
The redirect URL that gets returned will resolve in the following order:
- If the MFA challenge flow was triggered by an OAuth 2 authorization request, then the redirect URI specified in the OAuth 2 authorization request is returned.
- If the MFA challenge flow was triggered by a workflow that had a custom redirect URL configured, then the custom redirect URL is returned.
- If a client ID was passed to the request that triggered the MFA challenge flow and a client login URL is defined, then the client's login URL is returned.
- Otherwise, the application login URL is returned.