REST Cloud API Multifactor response


I’m trying to grab an Oauth token so a desktop application can pub/sub with my particle devices.
I’m able to send the request and get a mfa_token challenge.
However the endpoint doesn’t seem to be accepting the mfa_token and otp fields.

How do I send an OTP back?
I’ve added the mfa_token to my encoded data, and I’ve tried creating a field named “otp” and set it equal to my six-digit MFA otp. I just get a different mfa_token challenge.

Tried naming it otp_token and particle-otp-token. There doesn’t seem to be documentation on how to handle the challenge in the reference documents.


To anyone else having this issue:
The form body to send back follows this format:

mfa_token: <mfa_token>
otp: <six digit code>
grant_type: <urn:custom:mfa-otp>

Extracted from the source of particle-cli.
This should really be in the Oauth documentation though.