Enroll and auto-activate Okta Email Factor

Questions API
1

Hi,

I am trying to use Enroll and auto-activate Okta Email Factor API. My end goal is to avoid the verification email being sent to user and just allow a user to directly receive code on their email.

Request : https://okta-domain/api/v1/users/{user-details}/factors?activate=true
Request Body : {
“factorType”: “email”,
“provider”: “OKTA”,
“profile”: {
“email”: “test@gmail.com
}
}

When I tried using the API got the below error in response:

{
“errorCode”: “E0000001”,
“errorSummary”: “Api validation failed: factorEnrollRequest”,
“errorLink”: “E0000001”,
“errorId”: “oae7oZ1xyRmSZaTB8aOC-fzIg”,
“errorCauses”: [
{
“errorSummary”: “A factor of this type is already set up.”
}
]
}

Please let me know if anyone can suggest something.

Thanks

2

Hi @ank_gupta. Is your org using Okta Classic or Okta Identity Engine?

3

OKTA Identity Engine

4

The email authenticator is auto-enrolled for both authentication and recovery flows when a user verifies their primary email address or if you provide it during user creation. This ensures that the user doesn’t receive redundant email enrollment challenges if they already proved they own the email address (self-service registration) or if they don’t need to prove they own the email address (admin-created users).

1 Like
5

Hey Louie,

Is there a way to skip the email verification step in OKTA ? Like we enroll the email and user just get the code on email without veriffying the email address ?

Outlook-kxglw4ju.png

6

Hi Louie,

My org is Okta identity Engine. But the email authenticator is still auto-enrolled even it’s optional for a new user created with api (with password and activated with creation). It’s normal ?

Thanks for your return.

Inter