Hello guys. I’m trying to test the SMS password recovery flow.
First I call:
curl --location --request POST 'https://OKTADEV/api/v1/authn/recovery/password' \
--header 'Authorization: SSWS token' \
--header 'Content-Type: application/json' \
--data-raw '{
  "username": "username",
  "factorType": "SMS"
}'
and I get the stateToken, and the status is returned as RECOVERY_CHALLENGE.
With the stateToken I call:
curl --location --request POST 'https://OKTADEV/api/v1/authn/factors/SMS/verify' \
--header 'Authorization: SSWS TOKEN' \
--header 'Content-Type: application/json' \
--data-raw '{
  "stateToken": "TOKEN FROM LAST CALL",
  "passCode": "XXXXXX"
}'
But I get this response:
{
  "errorCode": "E0000079",
  "errorSummary": "This operation is not allowed in the current authentication state.",
  "errorLink": "E0000079",
  "errorId": "oae0z7F_4vQQtapf4jD4cPaUw",
  "errorCauses": [
    {
      "errorSummary": "This operation is not allowed in the current authentication state."
    }
  ]
}
Can anyone help me with that? Am I missing any steps?