diff --git a/app/2fa/server/code/index.ts b/app/2fa/server/code/index.ts
index 233e86dded59..cdc12e6520ab 100644
--- a/app/2fa/server/code/index.ts
+++ b/app/2fa/server/code/index.ts
@@ -120,6 +120,11 @@ function _checkCodeForUser({ user, code, method, options = {}, connection }: ICh
 		user = getUserForCheck(user);
 	}
 
+	if (!code && !method && connection?.httpHeaders?.['x-2fa-code'] && connection.httpHeaders['x-2fa-method']) {
+		code = connection.httpHeaders['x-2fa-code'];
+		method = connection.httpHeaders['x-2fa-method'];
+	}
+
 	if (connection && isAuthorizedForToken(connection, user, options)) {
 		return true;
 	}