If a user hads no MFA and MP is configured to require MFA, the user is currently redirected to the login page despite actually being logged in.
This is because the InsufficientAalException is not passed upstream, instead it you just get an TokenValidationException.
We need to generate a proper error for the user, so they know they need to enable MFA
If a user hads no MFA and MP is configured to require MFA, the user is currently redirected to the login page despite actually being logged in.
This is because the InsufficientAalException is not passed upstream, instead it you just get an TokenValidationException.
We need to generate a proper error for the user, so they know they need to enable MFA