Authenticate after Create for Trusted application

humblesticker · August 7, 2018, 8:45pm

Hi all.

1)
{{url}}/api/v1/users?activate=true
with headers 
Authroization: SSWS {{apikey}}

{
  "profile": {
  	"firstName": "A",
    "lastName": "5login",
    "email": "5login@gmail.com",
    "login": "5login"
  },
  "credentials": {
    "password" : { "value": "Password111" }
  }
}

2)
{{url}}/api/v1/authn

with headers 
Authroization: SSWS {{apikey}}
X-Device-Fingerprint: fingerprint1

{
  "username": "5login",
  "password" : "Password111"
}

I am getting SUCCESS state for authentication in step 2 instead of MFA_REQUIRED.
If I drop X-Device-Fingerprint it returns MFA_REQUIRED as expected.

Does anyone has a clue why Okta behaves this way? Is there anyway to get MFA_REQUIRED while sending X-Device-Fingerprint?

Thanks.
Brian.

Post		Replies	Views
Authentication for user set up for MFA successful through API call without receiving one time verification code on email Questions	2	2543	February 12, 2024
Can't get status MFA_ENROLL when authenticating with API API	7	2445	March 8, 2023
OKTA MFA flow , Please help Questions	1	3065	February 6, 2024
How To Access The /Verify Network Response In My JavaScript Using Okta Widget and MFA OAuth/OIDC widget , oauth	2	2903	February 12, 2024
Authn API signInWithCredentials is giving status as 'SUCCESS' instead of 'MFA_CHALLENGE' Questions	3	1394	November 7, 2023

Authenticate after Create for Trusted application

Related topics