From 988035b9526feb7e3cd8797a06d6b311c5690f32 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 26 Apr 2026 15:52:46 +0200
Subject: [PATCH] fix: handle MFA binding skip during registration submit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The registration flow hit a 422 on /api/experience/submit when MFA
policy is UserControlled. Adds the same trySubmit + skipMfaBinding
pattern already used in the sign-in flow — Logto confirms mfa-skipped
works for both SignIn and Register interaction events.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 ui/sign-in/src/experience-api.ts | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/ui/sign-in/src/experience-api.ts b/ui/sign-in/src/experience-api.ts
index 3f2e4bf..497a05c 100644
--- a/ui/sign-in/src/experience-api.ts
+++ b/ui/sign-in/src/experience-api.ts
@@ -180,7 +180,19 @@ export async function completeRegistration(
   const verifiedId = await verifyCode(email, verificationId, code);
   await addProfile('password', password);
   await identifyUser(verifiedId);
-  return submitInteraction();
+
+  const result = await trySubmit();
+  if (result.ok) return result.redirectTo;
+
+  // MFA not enrolled, UserControlled policy — skip the binding prompt
+  if (result.status === 422 && result.code.includes('mfa')) {
+    await skipMfaBinding();
+    const retry = await trySubmit();
+    if (retry.ok) return retry.redirectTo;
+    throw new Error(retry.message);
+  }
+
+  throw new Error(result.message);
 }
 
 // --- Forgot Password ---