I get null response {} when I try to verify the google authenticator passcode.
I don’t get a 403 Forbidden so seems like verification happens correctly at OKTA backend. But I don’t get the expected response such as this:
{
"expiresAt": "2015-11-03T10:15:57.000Z",
"status": "SUCCESS",
"relayState": "/myapp/some/deep/link/i/want/to/return/to",
"sessionToken": "00t6IUQiVbWpMLgtmwSjMFzqykb5QcaBNtveiWlGeM",
"_embedded": {
"user": {
"id": "00ub0oNGTSWTBKOLGLNR",
"passwordChanged": "2015-09-08T20:14:45.000Z",
"profile": {
"login": "dade.murphy@example.com",
"firstName": "Dade",
"lastName": "Murphy",
"locale": "en_US",
"timeZone": "America/Los_Angeles"
}
}
}
}
Instead I just get:
{}
I am making the api call like this:
await fetch(`https://dev-852787.oktapreview.com/api/v1/authn/factors/${data.factorId}/verify`, {
method: 'POST',
headers: {
Accept: 'application/json',
'Content-Type': 'application/json',
},
body: JSON.stringify({
stateToken: data.stateToken,
passCode: data.passCode,
}),
})
where data contains stateToken and passCode.
Any help is appreciated! Thanks.