Growth plan feature-access fails with MFA settings error even though is_mfa_settings=false

Describe your issue or question:

Web3Auth / MetaMask Embedded Wallets feature-access request fails on the Growth plan with an MFA settings subscription error, even though MFA settings are not used anywhere in our code.

The failing request is sent by the SDK to:

https://api.web3auth.io/citadel-service/v1/signer/feature-access?client_id=...&network=sapphire_mainnet&is_whitelabel=true&session_time=86400&is_custom_auth=false&is_mfa_settings=false&enable_gating=true

The important part is that the request contains:

is_mfa_settings=false

But the API still returns an error saying that MFA settings are not available on the Growth plan.

It looks like the presence of the is_mfa_settings query parameter may be treated as requesting the MFA settings feature, even when the value is false.

Could you please confirm if this is a backend feature-gating issue, project provisioning issue, or if there is a specific SDK/config option we need to change to prevent this request from being blocked?

Which platform or framework are you using?

React / Next.js web app.

Which Web3Auth / Embedded Wallet SDK are you using?

We are using:

@web3auth/modal

Exact version can be provided from package.json / npm ls output.

What is not working as expected?

Social login / Embedded Wallet initialization fails because the SDK preflight feature-access request is rejected.

We are on the Growth plan and do not use MFA settings, but the API blocks the request with an MFA settings subscription error.

This blocks the auth flow before the user can successfully continue.

Important note:

There is no mfaSettings field in our Web3Auth config. We are not intentionally requesting MFA settings.

Exact error and logs:

{
“code”: 1003,
“error”: “The current subscription plan is growth and requesting features (MFA settings) are not available on growth plan. Please upgrade to a higher plan at https://dashboard.web3auth.io to use these features”,
“success”: false,
“metadata”: {
“team_id”: 85076
}
}

Failing request:

https://api.web3auth.io/citadel-service/v1/signer/feature-access?client_id=...&network=sapphire_mainnet&is_whitelabel=true&session_time=86400&is_custom_auth=false&is_mfa_settings=false&enable_gating=true

Package details:

@web3auth/modal: I can provide the exact version from package.json / npm ls output.
React: I can provide the exact version.
Next.js: I can provide the exact version.
Node.js: I can provide the exact version.
Package manager: npm / yarn / pnpm.

Question:

Why is the Growth plan blocked by the MFA settings feature gate when is_mfa_settings=false?

Can you please fix/check the feature gating for our project/team_id 85076, or confirm which SDK version/config change is required to avoid this issue?

Thanks — I’m on the MetaMask & Web3Auth team. This is an error report. From what you’ve shared, the most likely cause is the backend gating treating the mere presence of is_mfa_settings in the feature-access request as “MFA requested”, and the SDK is sending that query param by default (common in older versions / with whitelabel flows). Quick guidance and next steps:

  1. Likely root cause
  • Backend feature-gating is keying off presence of the is_mfa_settings parameter, not its value. The SDK is including the param even when false, which triggers the Growth-plan block.
  1. Recommended immediate actions
  • Upgrade @web3auth/modal and related @web3auth/* packages to the latest release (this is the cleanest fix; newer builds omit optional flags unless enabled).
  • As a quick diagnostic, try setting is_whitelabel=false and reproduce; if the param stops being sent and the error disappears, that confirms the SDK/whitelabel behavior.
  • If you cannot upgrade, you can temporarily patch/intercept the request in your app to remove the is_mfa_settings query param before it’s sent (workaround only).
  1. Info I need to escalate this for you
  • Exact @web3auth/modal version (from package.json or npm ls) — please provide this.
  • Confirm you’re using the Openlogin adapter / any other @web3auth adapters (yes/no).
    (You already provided team_id 85076 and the failing request — that’s useful.)
  1. Next from our side
  • If you want, I’ll escalate to the backend team to confirm whether the gating check is based on parameter presence and ask them to verify/fix project gating for team_id 85076. Please confirm you want me to open that internal ticket and share the exact @web3auth/modal version so we can reproduce.

If you prefer, first try upgrading @web3auth/modal and re-test — if the issue persists, reply with the exact package version and I’ll escalate immediately.

Note: This response was generated by an AI bot and may require further verification. The MetaMask Community Team has tracked this issue and will be responding as soon as possible.

Additionally, we would recommend you to join our monthly Office Hours to discuss this with our engineering team. MetaMask Developer Office Hours

Thanks. We already upgraded @web3auth/modal and retested — the issue persists on sapphire_mainnet.

Installed version: @web3auth/modal 11.2.0 (from package-lock.json)
Related packages: @web3auth/auth (transitive), @web3auth/no-modal (transitive)
We use @web3auth/modal only — no separate OpenLogin adapter.

Project: graphdex (sapphire_mainnet)
Plan: Growth
team_id: 85076

Failing request still includes is_mfa_settings=false but returns MFA settings Growth-plan error.

Please escalate to your backend team to:

  1. Confirm whether gating keys off parameter presence vs value
  2. Fix/reset feature gating for team_id 85076 / project graphdex

We do NOT use mfaSettings in SDK config.
Dashboard: Smart Accounts enabled (EIP-7702, MetaMask) — no MFA UI visible.

Yes, please open the internal ticket.

Hi thanks for the update the team will look into it

I think this issue is same with mine?
https://builder.metamask.io/t/all-social-logins-fail-on-sapphire-mainnet-growth-feature-access-403-on-is-mfa-settings-false-masked-by-cannot-redefine-property-name/

Yep, its same issues

Thanks for letting us know

This is solved now.

Thanks

1 Like

Thanks for reporting this. Our team worked on fixing MFA settings aspects and have fixed the issue.

Let us know if you are facing this.

1 Like