Hello Everyone, I want to bring this problem to your notice that its currently no way possible to implement two-factor authentication with oauth2 enabled within the application as user details cannot be retrieved without the two-factor access token set in the header. Its the user details object which contains a property to tell whether two-factor authentication is enabled. Due to this circular dependency, one cannot happen without the other.
There should be some way to know whether two-factor authentication is enabled while retrieving the oauth2 access token either with the response containing the token or user details(only the ones which are necessary) should be initially retrievable without the two-factor authentication header. I have created an issue for your reference: https://github.com/openMF/web-app/issues/121 Thanks Abhay.
