Service-initiated MFA using OpenID Connect#

When using OAuth/OpenID Connect the service will need to send the following parameter as part of the authentication request:

More information on the acr_values parameter can be found here:

After authentication, the acr field in the generated token should be used to verify the authentication level.