MFA enabled user is not getting the token pageDescriptionUse case we are discussing here is, a MFA enabled user is not redirecting to "validate_multifactor_auth_code.do" page after successful enrolment of a MFA device. Instead the page is taking to welcome.do To diagnose the issue, use the developer tool of the browser and follow the transaction. Here in this case, we could see after the user enters the credentials, page "login.do" "validate_multifactor_auth_code.do" is getting a response of 302 followed by welcome.do with a status of 200 Login.do validate_multifactor_auth_code.do Welcome.do Hence this clear that page is finally landing to welcome.do CauseThis can be any customisations at the instance level like UI pages, global UI script. If there is no Portal/CMS pages involved you can check with Installation exitsResolutionCheck for installation exits like Login and see if there is any redirections happening. Examples: loginFailed : function() {// redirect back to welcome page if login failedgs.setRedirect('welcome.do'); Reverting this should fix the issue and you can check the response status of "validate_multifactor_auth_code.do" as 200 afterwards.