vdc305
April 11, 2023, 1:30am
1
I am unable to register a user with Okta OIE.
Below is the Okta configuration:
export const oktaClient = () => {
  return new OktaAuth({
    issuer: 'https://{customAuthzServer}/oauth2/{customAuthzServerID}',
    clientId: 'OIDCAppClientID',
    redirectUri: 'https://localhost.test.myapp.com:3001/callback',
    scopes: ['openid', 'profile', 'email'],
    pkce: true,
    useInteractionCodeFlow: true
  });
};
React app configuration to use idx.register:
const oktaAuth = oktaClient();
const transaction = await oktaAuth.idx.register({
  firstName: this.state.firstName,
  lastName: this.state.lastName,
  email: this.state.email,
  authenticators: ["okta_password"] // even tried with authenticators: ['password']
});
I am able to get a status of ‘PENDING’,
but the below configuration calls only /introspect and /enroll:
// The transaction exposes `status`, so it is renamed while destructuring.
const {
  status: pwdstatus, // IdxStatus.SUCCESS
  tokens
} = await oktaAuth.idx.proceed({
  password: 'mytestPwd'
});
console.log(pwdstatus)
const {
  status: proceedstatus, // IdxStatus.SUCCESS
} = await oktaAuth.idx.proceed({
  skip: true
});
console.log(proceedstatus)
Please let me know if there are any changes required to Profile Enrollment or the register call to Okta.
vdc305
April 11, 2023, 11:05pm
2
For anyone who might have issues in the future:
I had to configure profile enrollment as below.
The signOn authentication policy for my OIDC app has only password as an authenticator.
I had to update the authenticator enrollment policy to include email and phone as optional or disabled.
The global session policy is allocated to the group in which the user is created. For this example I have it as “Everyone”.
I am able to create a user in Okta and get a status of Pending, with enroll-authenticator with password as the next step, as below:
Step 1
let registerTransaction = await oktaAuth.idx.register({
  firstName: "testuser",
  lastName: "testlastname",
  email: "testemail@gmail.com",
  authenticators: ["okta_password"]
});
and then proceed with
Step 2
const proceedTransaction = await oktaAuth.idx.proceed({
  password: "myPwd"
});
For step 2 above, I get a status of Pending and a nextStep of select-authenticator-enroll for email and phone number, and that could be because the authenticator enrollment policy has email and phone number as optional. But since I need registration only with password, I have step 3.
Step 3
const skipTransaction = await oktaAuth.idx.proceed({ skip: true });
For step 3 above, I get a status of Success with tokens consisting of access and id.
1 Like
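The three steps above as one flow, in an added example that is not code from the original posts or from Okta: it chooses each call from the returned transaction and skips only when the step is marked skippable, so a policy that makes email or phone required stops the flow instead of failing on a blind skip. The names `registerWithPasswordOnly`, `nextInput`, `fakeIdx` and `MAX_STEPS` are hypothetical, and the stub's responses are constructed from the statuses and step names reported in the thread.

```javascript
// Added example. `idx` is any object shaped like oktaAuth.idx: register() and
// proceed() resolve to { status, nextStep: { name, canSkip }, tokens }.
const MAX_STEPS = 6; // assumed bound so an unexpected policy cannot loop forever

// Decide what to send for the current transaction; null means "stop here".
function nextInput(tx, password, passwordSent) {
  if (tx.status !== 'PENDING' || !tx.nextStep) return null;
  const { name, canSkip } = tx.nextStep;
  if (name === 'enroll-authenticator' && !passwordSent) return { password };
  // Skip only when the enrollment policy marks the extra factors as optional.
  if (name === 'select-authenticator-enroll' && canSkip) return { skip: true };
  return null; // required or unrecognised step: do not guess
}

async function registerWithPasswordOnly(idx, profile, password) {
  let tx = await idx.register({ ...profile, authenticators: ['okta_password'] });
  let passwordSent = false;
  for (let i = 0; i < MAX_STEPS && tx.status === 'PENDING'; i++) {
    const input = nextInput(tx, password, passwordSent);
    if (!input) break;
    if (input.password) passwordSent = true;
    tx = await idx.proceed(input);
  }
  return {
    status: tx.status,
    stoppedAt: tx.status === 'PENDING' ? (tx.nextStep?.name ?? null) : null,
    hasTokens: Boolean(tx.tokens),
  };
}

// Constructed stand-in for oktaAuth.idx that replays the responses in the post.
function fakeIdx(extraFactorsOptional) {
  return {
    async register() {
      return { status: 'PENDING', nextStep: { name: 'enroll-authenticator' } };
    },
    async proceed(input) {
      if (input.password) {
        return {
          status: 'PENDING',
          nextStep: { name: 'select-authenticator-enroll', canSkip: extraFactorsOptional },
        };
      }
      return { status: 'SUCCESS', tokens: { accessToken: {}, idToken: {} } };
    },
  };
}
```

With the real SDK, pass `oktaAuth.idx` in place of `fakeIdx(...)`; a result with `stoppedAt` set names the step the policy still requires.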