Hi,
I’m trying to import users’ passwords from “org A” to “org B” by using Password Import Inline Hook. I set up an external application which will trigger the Authn API to authenticate the users’ credentials in “org A” when login to “org B”. However, the Authn API seems to be not executed. My code is shown as following:
app.post("/passwordImport", passwordImportValidation, (req, res) => {
const credentials = req.body.data.context.credential;
var raw = JSON.stringify({
"username": credentials.username,
"password": credentials.password,
});
fetch("https://<org A domain>/api/v1/authn", {
method: 'POST',
body: raw,
headers: {
"Content-Type": "application/json;charset=UTF-8",
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "POST",
"Access-Control-Allow-Headers": "Content-Type"
}
})
.then((response) => {
if (response.status === 200) {
return res.status(200).json({
commands: [
{
type: "com.okta.action.update",
value: {
credential: "VERIFIED",
},
},
],
});
} else {
console.log("Not verified. Password not imported.");
return res.status(204).send();
}
})
.catch(error => console.log('error', error))
});
Brief description: The code will take in the credentials when users login to “org B”. Then, it will trigger the fetch function to do the POST request of the Authn API to the “org A”. If the credentials are verified, it should return the needed res.status(200) and the command. After that, “org B” will store the credentials and the password is imported successfully.
I’m sure that my Password Import Inline Hook is set up correctly because if using a hardcoded credentials check, such as the Okta documentation example, the credentials can be imported.
If anyone has any suggestions, it might help me a lot. Thanks!