Master code option in MFA API?

Angus · June 29, 2017, 8:34pm

###Story

Angus logs in website with his username and password.
He sees the screen asking for code from Google Authenticator.
He unlocks the phone and opens Google Authenticator.
He finds out the Google Authenticator is not working and does not display the auth code for some reason.
Alternatively, he enters the master code he got when setting up 2FA.
He logs in successfully.

###Question
Does OKTA MFA API give the user a master code when user sign up for MFA?

mcguinness · June 30, 2017, 4:02pm

Google Authenticator is a standards-based implementation of TOTP. When enrolling the factor, a “shared secret” is generated by Okta and stored in Google Authenticator as part of the enrollment process (e.g. scanning QR code or manually creating a new entry). Okta asks you to complete a TOTP challenge as part of the enrollment process to make sure you the end-user has successfully configured their authenticator.

You can only obtain the “shared secret” during factor enrollment.

https://developer.okta.com/docs/api/resources/authn.html#enroll-google-authenticator-factor
https://developer.okta.com/docs/api/resources/factors.html#enroll-google-authenticator-factor

system · January 12, 2024, 7:05pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Unable to retrieve shared secret for TOTP after enrolling TOTP factor API mfa	3	441	July 25, 2024
Build a One-time Password Token for MFA with Okta Developer Blog Comments	0	2627	August 29, 2018
Okta Verify MFA Questions	5	2386	October 19, 2022
Unable to retrieve shared secret for TOTP after enrolling push factor API mfa	3	4666	January 12, 2024
Google Authenticator Questions	2	2184	August 4, 2023

Master code option in MFA API?

Related topics