Debug MFA

Use the either of the following tools or a combination to understand the debug information:

• Splunk - to see the debug logs.
• System logs or Node logs.
• HAR logs to analyze the debug logs for the MFA.

Log location and Debug properties

The system debug logs and instance node logs are required for the debug purpose. Following are the debug properties that are required to be enabled:

• glide.webauthn.debug.enabled
• glide.log.default_log_debug
• glide.authenticate.policy.debug
• glide.authenticate.hybrid_user_tracking.debug

MFA issue based on scenarios

Scenario 1: User is not able to login using any of their second factor

Reset the MFA for the your users and delete the old user records from the following tables:

• user_multifactor_auth
• sys_user_public_credential
• sys_user_multi_factor_setup

Scenario 2: Admin is not able to login using any of their second factor

Another user with admin access can reset the MFA for any blocked admin user. If still the issue exist, reach out to ServiceNow Support.

Scenario3: Error observed during the MFA Setup or Validation

Check the warning "Associated Error Codes/Warning: Your 6-digit verification code is incorrect. Try again with the correct code".

Perform the following steps:

• In case of TOTP Authenticator App, if the date and time of the Authenticator MFA device and instance are not in sync (±30 sec), then the TOTP code is not accepted. Verify the device and instance date and time.
• In case of email, configure the user level notification, outbound email configuration, and user correctly in the sys_user table.
• In case of SMS, configure the Twillio or other SMS service provider integration correctly and set to active. Verify if the user's mobile number is configured correctly in the sys_user table.