💻 Tech
If you are using auth0 management API to update a user (see Update users below), and you encounter this error, it means you’re trying to update a user, but you’re also trying to update its multifactor property. multifactor is the multifactor authentication provider that a user has registered (e.g., guardian). Based on the error, it means it’s read-only, and you can’t change the value with the patch_users_by_id API. The fix is to remove multifactor from the API payload. If you’re using Go, set the property to nil. If the change is intended, use the right API to delete multifactor (see Delete multifactor below).
Update users: https://auth0.com/docs/api/management/v2#!/Users/patch_users_by_id Delete multifactor: https://auth0.com/docs/api/management/v2/users/delete-multifactor-by-provider
Error:
400 Bad Request: Payload validation error: 'Additional properties not allowed: multifactor (consider storing them in app_metadata or user_metadata.