This article explains the conditions that cause the 'mfa-detect-browser-capabilities' screen to be displayed.

Screen: mfa-detect-browser-capabilities. See Customize Universal Login Text for more details:

Even though JavaScript is disabled in the browser, the following error is displayed on a white page instead of this prompt.

Steps

1. Dashboard > Security > Multi-factor Auth

• • Factors: Enable One-time Password and Phone Message
  • Define policies: Always

2. Chrome: Enable Don't allow sites to use JavaScript
3. Screen: login: Enter email and password, then select Continue
4. The error message You need to enable JavaScript to run this app. shows up on a blank screen.
   
   
    

• Multi-Factor Authentication (MFA)
• JavaScript

The error message You need to enable JavaScript to run this app is caused by running a Single Page Application (SPA) that requires JavaScript to run in the beginning.

The "mfa-detect-browser-capabilities" screen can be displayed only when the following conditions are met.

Steps to reproduce:

1. Dashboard > Security > Multi-factor Auth 

• • Factors: Enable
    • WebAuthn with FIDO Device Biometrics
  • Define policies: Always

2. Enroll WebAuthn with FIDO Device Biometrics as a user's MFA Factor
3. In Post Login Action, force MFA challenges.

exports.onExecutePostLogin = async (event, api) => {
   api.authentication.challengeWith({type: "webauthn-platform"});
};

4. Chrome: Enable Don't allow sites to use JavaScript
5. Screen: login: Enter email and password, then select Continue
6. "Screen: mfa-detect-browser-capabilities" is displayed.

• • This can be applied to the following factors as well.
    • WebAuthn with FIDO Security Keys

Note: Even if the policy is Always, this screen must still be forced with an Action.