Enroll Call Factor API Call

Questions API
1

My GET command is working as intended and returning the user but the POST command to enroll the user into their Call Factor isn’t working and is returning a “400 BAD REQUEST” Error.

I appreciate any ideas to try here

PowerShell Command

Invoke-RestMethod -Method Post -Uri https://OktaTenant.okta.com/api/v1/users/UserID/factors -Headers @{
“Accept” = “application/json”,
“Content-Type” = “application/json”,
“Authorization” = "SSWS "
} -Body @{
“factorType” = “call”,
“provider” = “OKTA”,
“profile” = @{
“phoneNumber” = “+1-###-###-####”
}
}

Output

VERBOSE: Getting Okta User Account
VERBOSE: GET https://OktaTenant.okta.com/api/v1/users/kyle.test
VERBOSE: Headers {
“Accept”: “application/json”,
“Content-Type”: “application/json”,
“Authorization”: "SSWS "
}

VERBOSE: GET https://OktaTenant.okta.com/api/v1/users/kyle.test with 0-byte payload
VERBOSE: received -1-byte response of content type application/json
VERBOSE: Enrolling User into Okta Call Factor
VERBOSE: POST https://OktaTenant.okta.com/api/v1/users/UserID/factors
VERBOSE: Headers {
“Accept”: “application/json”,
“Content-Type”: “application/json”,
“Authorization”: "SSWS "
}
VERBOSE: Body {
“factorType”: “call”,
“provider”: “OKTA”,
“profile”: {
“phoneNumber”: “+1-###-###-####”
}
}
VERBOSE: POST https://OktaTenant.okta.com/api/v1/users/UserID/factors with -1-byte payload

Error from Output

Invoke-RestMethod : The remote server returned an error: (400) Bad Request.

At E:\uitl\Prepare-OktaVerify\OktaModule.ps1:42 char:5
+ Invoke-RestMethod @InvokeRestmethodSplat -Verbose
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

2

The 400 should return an error object in the response body, this should give you clues on what’s happening.

Example:

3

This is my attempt in PostMan.

I’ve tried different formats with the phone number and with the phoneExtension option but cannot figure out what is the problem with my request body.

POST https://Tenant.okta.com/api/v1/users/1234abcd56ef/factors

Request Body:
{
“factorType”: “call”,
“provider”: “OKTA”,
“profile”: {
“phoneNumber”: “+1-###-###-####”
}
}

Response Body:
{
“errorCode”: “E0000003”,
“errorSummary”: “The request body was not well-formed.”,
“errorLink”: “E0000003”,
“errorId”: “oaedv4sO-vwRIOsbYxMQmgC8A”,
“errorCauses”:
}

4

“errorSummary”: “ The request body was not well-formed.

The request body you’re sending looks a bit different to the example if you follow @brh55’s link. Factors | Okta Developer

5

I installed curl so I could replicate the exact code that Okta provides there and just replaced the specific environment specific areas. I got the same error, even removing the phone extension portion.

This account does not already have their call factor enrolled. It has no factor enrolled at all.

curl -v -X POST
-H “Accept: application/json”
-H “Content-Type: application/json”
-H “Authorization: SSWS ${api_token}
-d ‘{
“factorType”: “call”,
“provider”: “OKTA”,
“profile”: {
“phoneNumber”: “+1-555-415-1337”,
“phoneExtension”: “1234”
}
}’ “https://${yourOktaDomain}/api/v1/users/00u15s1KDETTQMQYABRL/factors”

RESULT
{“errorCode”:“E0000003”,“errorSummary”:“The request body was not well-formed.”,“errorLink”:“E0000003”,“errorId”:“oae0X-vsH4nSSWvU6v7FmKu-Q”,“errorCauses”:}* Connection #0 to host TENANT.okta.com left intact

6

You have to convert it to JSON.

GitHub - gabrielsroka/OktaAPI.psm1: Call Okta API from PowerShell -- unofficial code. will do this, and more.