Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for 3-number challenge when Okta Verify mobile app forces extra verification #81

Open
SmithTM90 opened this issue Dec 2, 2020 · 7 comments · May be fixed by #212
Open

Support for 3-number challenge when Okta Verify mobile app forces extra verification #81

SmithTM90 opened this issue Dec 2, 2020 · 7 comments · May be fixed by #212
Assignees
@nathan-v
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@SmithTM90
Copy link

Is your feature request related to a problem? Please describe.
When attempting to use aws_okta_keyman, Okta Verify for Android determines that it is an "unusual" login attempt, and forces an additional layer of verification with the 3-number challenge. Unfortunately, this prevents further use of aws_okta_keyman

Describe the solution you'd like
The CLI tool should be able to integrate with this 3-number challenge verification step, and report back the correct number to select in the Okta Verify mobile app so that users can get past this stage and be able to use aws_okta_keyman successfully when additional verification is required.
@SmithTM90 SmithTM90 added the enhancement New feature or request label Dec 2, 2020
@nathan-v
Copy link
Owner

Hi @SmithTM90 I've never seen that issue or case. Do you have an Okta setting that causes this?

@jasonmfehr
Copy link

Hi @nathan-v we have this issue too. If Okta detects something amiss with the login attempt, it does an additional challenge. It could be a setting that our org uses, I am not sure though. The way we can cause the three number challenge to happen is by connecting to a VPN that routes outbound internet through a distant city.

@nathan-v
Copy link
Owner

If someone knows the setting required to cause this I can set it up in a test Okta to try and replicate. I'd love to be able to support this.

@nathan-v nathan-v added the help wanted Extra attention is needed label Mar 4, 2022
@krichter
Copy link

@nathan-v - I believe it's this setting: https://help.okta.com/oie/en-us/Content/Topics/identity-engine/authenticators/configure-okta-verify-options.htm

@andre-nguyen
Copy link

For some reason (maybe my org put these settings?) I'm getting the 3 number challenge all the time. Any way around this?

@Pashtetollo Pashtetollo linked a pull request Sep 23, 2024 that will close this issue
Open
@Pashtetollo
Copy link

I created PR that fixes the issue for me by pulling the needed number from request status once the Okta issues 3-number challenge, couldn't find any Okta documentation for how to retrieve number challenge answer for this authentication method so just implemented solution by debugging the process. Feel free to rewrite or update it it as needed.

@andre-nguyen
Copy link

Alternatively, I've been pointed to this https://github.com/Nike-Inc/gimme-aws-creds which seems to work for me. Not clear if this is org dependent though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nathan-v nathan-v

Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
6 participants
@krichter @nathan-v @jasonmfehr @andre-nguyen @SmithTM90 @Pashtetollo