Summary

2FA gives a "Transaction not found" when validating the verification code on Safari, the issue is inconsistent, happening mostly when auto filling security applications are used (ie: 1Password), it can be reproduced manually.

Steps to reproduce

1. Go to id.atlassian.com
2. Get your verification code on clipboard
3. Fill up email and press enter
4. Fill up the password and press enter
5. As soon as the auth.atlassian.com page loads, paste the verification code and press enter quickly

Expected behaviour

The manage your account page loads on id.atlassian.com

Actual result

A Transaction not found error is shown on the screen on a tooltip next to the verification code field, the console shows the following message:

(!) Failed to load resource: the server responded with a status of 403 (Forbidden)
Page reloaded at 12:09:26 PM

https://auth.atlassian.com/guardian/api/verify-otp

Notes

• Pressing enter seems to be the trigger of the issue (Possibly performed by security applications for auto login), since it is not reproducible without this action, pressing enter is not needed since the validation occurs automatically once the 6 digits are on the field.
• Once it fails, even refreshing the page won't make it work.
• An invalid code does not trigger the issue.
• Limited to Safari, impacts the latest supported version.