You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
A use logging in on the UI with Okta login mechanism is never prompted or able to input a nonce. On the Vault CLI the nonce is generated for the user, however on the UI it's not and throws the following error after the user accepts the Okta Push.
"Authentication failed: nonce must be provided during login request when presented with number challenge"
To Reproduce
Steps to reproduce the behavior:
Configure Okta Auth
Go to UI
Select Okta as the login type
Type username and password in
Wait for Okta Push
Accept Okta Push
The following error is returned at the top of the login view: Authentication failed: nonce must be provided during login request when presented with number challenge"
Expected behavior
Either the UI generates a nonce on the backend similar to the functionality of the CLI, or the user is prompted to enter one under the optional box. The former is the most user friendly and expected since it would match the functionality of the CLI.
Environment:
Vault Server Version (retrieve with vault status):
❯ vault status | egrep -i '(build|version)'
Version 1.11.2
Build Date 2022-07-29T09:48:47Z
Vault CLI Version (retrieve with vault version):
❯ vault version
Vault v1.11.2 (3a8aa12eba357ed2de3192b15c99c717afdeb2b5), built 2022-07-29T09:48:47Z
Server Operating System/Architecture:
Running in Vault container.
Vault server configuration file(s):
Describe the bug
A use logging in on the UI with Okta login mechanism is never prompted or able to input a nonce. On the Vault CLI the nonce is generated for the user, however on the UI it's not and throws the following error after the user accepts the Okta Push.
To Reproduce
Steps to reproduce the behavior:
Authentication failed: nonce must be provided during login request when presented with number challenge"
Expected behavior
Either the UI generates a nonce on the backend similar to the functionality of the CLI, or the user is prompted to enter one under the optional box. The former is the most user friendly and expected since it would match the functionality of the CLI.
Environment:
vault status
):vault version
):Running in Vault container.
Vault server configuration file(s):
Additional context
Likely related code path: a970427
The text was updated successfully, but these errors were encountered: