Have you checked your emails to see if you had received a notification warning you, you were about to loose access to your admin console…
I’ve reviewed mine, and so far I can’t find the warning that would have warn me about preventing this issue.
Good luck mate and let us know if you resolved this and how please !
Seb
I had a todo on my list on my desk to activate MFA for OKTA, was about to do it… this is one of the saddest story in the history of IT world if you want my opinion. The second one would be Teamviewer renewal policies…
No, I had to create a new account. Was there any email notification? I checked and haven’t spotted it.
Plus, to create a new account I had to purchase a domain name with email, because they no longer accept personal emails.
I’ve yet to migrate my users to the new account, but I really need to get moving on this. Fortunately it’s a small app without too many users, otherwise it would be a nightmare.
Thank you for your information… it must be because we were using social email addresses. My only option seem to be to have help from developers community member/staff. Have a great day, i’m clearly more affected by the situation then you are lucky you ! Glad you could work it out with the new account !
This is likely related to the changes we’ve been making to require admins to use a 2nd factor when accessing the Admin app (as announced on banner on this forum and the following article).
If you have a paid account with Okta, you can reach out to support (via phone, since you wouldn’t be able to log into the support ticketing system) for assistance.
If this is a Developer Free org, unfortunately, support will not be able to assist you to reclaim access to this account as doing so would be a security liability. In this case, your only option would be to create a new org. Currently we have no easy way to remove your existing email from our system to allow for creation of a new org with the same email, so you would need to use a different corporate email when signing up for your new org.
Apologies for the inconvenience this may have caused!
@sebastiendube@mcduser999 So did you both make a new account? Were you able to migrate users to it without resetting passwords? We have about 1000 customers logging in with our Okta account, but we are locked out of it as admins.
@joshbaltzell - I made a new account. I only have a few users, maybe 20, and I’ve already added a few of them to the new account. I just had them reset their passwords.
I personally doubt you will be able to migrate the passwords. It might be a good security measure to have them reset it anyway.
I had a very similar issue, where all admin users were unable to login to the admin console with the same message as the OP. I found a fix in this thread
In my case, it was an issue with all MFA methods somehow becoming deactivated, causing each login to fail. The fix was to reenable them using the factors api (although this requires an API token, so you may be out of luck if you don’t have one…)
An example curl command to reenable okta verify is:
I’ve wrote to community(at)okta, developers(at)okta
I’ve posted in forums devforum(.)okta and support(.)okta forums
Pretty sure I’ve tried some online form / ticket submit
and so far no help is available for me.
Since our Okta users can still login to our Web apps using the (Okta auth) (thanks to internet god). I’m taking this precious time to take a decision with concerned businesses as to Drop OKTA for now (cheap solution) or create and configure a new account (wich is gonna be costy and a pain). I dont have much users like you do, it was only used for internal staff and dev.
A kind employee (Diana) recently answered me on the support(.)okta, she told me that maybe if I create a paid account, from there I could have support to the preview account and fix it. This is the closest to a solution I’ve been in contact with. From comments, there and there, I think some of us (tossed out preview users) were able to have the MFA disabled so they can brefly log in. I guess they were the first of us to realize the toss.
This situation makes me (us) looks like fool(s) and I (probably we) will remember this for a while.
Lets hope they put an end to this sad toss out, else I wish luck to anybody like me that didn’t had an API TOKEN (if you do then, some solutions have been posted).
The worst part is that I remember creating one (API Token), then I realized I needed that Auth Token instead so I destroyed the Api Token thinkin to my self “I made a breach that I wont be using, lets destroy it”. For some reason this memory came back to me lately !