After the enforcement of MFA and configuring MFA for users, login page redirects users to session_timeout.do(302) even after providing correct credential.Issue Use case :: MFA enabled user is not redirecting to "validate_multifactor_auth_code.do" page after successful enrolment of a MFA device. Instead the page is taking to welcome.do To diagnose the issue, use the developer tool of the browser and follow the transaction. You will see after the user enters the credentials, page "login.do" "validate_multifactor_auth_code.do" is getting a response of 302 followed by welcome.do with a status of 200.ReleaseAll releasesResolutionNavigate to sys_public table, check the entry “validate_multifactor_auth_code” has been set to active=false. If it is set to false set the same to true , it will resolve the issue.