saml2aws icon indicating copy to clipboard operation
saml2aws copied to clipboard
verified publisher icon Versent

Okta: Please support Additional Factor Number Authorisation

Open markus-geiger opened this issue 3 years ago • 1 comments

Additional factor correct answer is

Just got that today and was blocked from successful authentication for a moment: image

1/3 chance to hit the right number in the authenticator app. And luck was by my side ;)

The challenge numbers will only display when Okta calculates an authentication as being risky.

gimme-aws-creds answers by Additional factor correct answer is: " + str(answer):

Check implementation here: https://github.com/Nike-Inc/gimme-aws-creds/blob/master/gimme_aws_creds/okta.py

if '_embedded' in response_data['_embedded']['factor']:
  if response_data['_embedded']['factor']['_embedded']['challenge']['correctAnswer']:
    if self._print_correct_answer:
      self._print_correct_answer(response_data['_embedded']['factor']['_embedded']['challenge']['correctAnswer'])

It would be nyce to have that also suported in saml2aws since I found that tool far better then gimme-something… though actually testing it might be not so easy.

markus-geiger avatar Dec 21 '22 14:12 markus-geiger

This has already been built by a few people - a recent one is here: https://github.com/Versent/saml2aws/pull/877

But unfortunately at the moment there's been little response on requests to merge etc... :(

amasses avatar Jan 11 '23 02:01 amasses