When two factor backup codes are enabled, confirming a new email address fails with this error:
Oops
The software powering this discussion forum encountered an unexpected problem. We apologize for the inconvenience.
Detailed information about the error was logged, and an automatic notification generated. We'll take a look at it.
No further action is necessary. However, if the error condition persists, you can provide additional detail, including steps to reproduce the error, by posting a discussion topic in the site's feedback category.
This happens across multiple Discourse setups, so, isn’t specific to one.
Turning off the two factor backup codes feature resolves the issue, and email verification goes through fine.
Did you check /logs in your web browser when logged in as an admin to see what the actual error is? I think we would have seen this on our sites if it was an actual bug.
Also, is this with security keys, or totp tokens? Regardless, we will need specific reproduction steps here (either in a dev environment, or try.discourse.org) so we can confirm.
Good point. This turns out to be an issue only when two factor backup codes are enabled. I have updated the post with the new details and steps to reproduce.
I didn’t mean to say that the email needs to be updated multiple times. It’s to indicate that the email verification fails only when backup codes are enabled, and not otherwise.