SMS MFA message template always uses 'multifactor.otpmessage' instead of 'MultiFactor.OTPMessage'
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2025 06:06 PM - edited 06-09-2025 06:09 PM
Hi all,
I'm working on configuring SMS MFA using Twilio in our ServiceNow instance (Yokohama release).
In the MFA provider configuration, I have specified the message key as `MultiFactor.OTPMessage`, and it works well in English.
However, when the user's language is set to Japanese, the message sent via Twilio always uses the translation from `multifactor.otpmessage` (lowercase key), instead of the expected `MultiFactor.OTPMessage`.
Here’s what I’ve confirmed:
- The MFA Provider is correctly configured to use `MultiFactor.OTPMessage` as the message key.
- `sys_translated_text` contains a valid Japanese translation for `MultiFactor.OTPMessage`.
- There is also an old/legacy translation with the key `multifactor.otpmessage`, which was accidentally being picked up and used in the SMS message.
It seems like the system is ignoring the case-sensitive key when resolving translations for non-English languages.
### Question:
Is this a known behavior?
Does ServiceNow fallback to lowercase keys (`multifactor.otpmessage`) even when I explicitly configure `MultiFactor.OTPMessage`?
What is the recommended way to safely prevent the system from using the wrong key without deleting system translation records?
Thanks in advance!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2025 08:06 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2025 09:53 PM
Hi all,
I'm working on configuring SMS-based Multi-Factor Authentication (MFA) using Twilio in a Yokohama instance.
Currently, I have the following 3 records in the `sys_ui_message` table:
1. `MultiFactor.OTPMessage` (English):
Message = `Your 6-digit verification code is {0}, ...`
2. `multifactor.otpmessage` (Japanese):
Message = `6 桁の検証コードは {0} で、{1} 分後に無効になります。...`
3. `multifactor.otpmessage` (Japanese):
Message = `MultiFactor.OTPMessage {0}` ← This message is currently being sent via Twilio.
I already removed the **Code** value from the first record (`MultiFactor.OTPMessage`, English), as suggested in the known issue workaround. However, Twilio still sends the message from record ③ (`multifactor.otpmessage`, Japanese) which just says `MultiFactor.OTPMessage {0}` and does not get parsed.
---
### Questions:
1. Why is the system still referencing `multifactor.otpmessage` instead of `MultiFactor.OTPMessage`?
2. Is this fallback behavior (case-insensitive key matching?) expected in the current version?
3. Is it safe to delete the incorrect `multifactor.otpmessage` (Japanese) record with `MultiFactor.OTPMessage {0}`?
I’ve already cleared the cache via `/cache.do`, but the behavior persists.
Any insight would be appreciated. Thank you!
