You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Starting the unlock account flow with an okta environment setup to only use text message for recovery automatically selects SMS and skips the authenticator-verification-data step.
This successfully starts the flow, and the user is immediately sent the text message. The forgot password flow works correctly, and takes the user to the authenticator-verification-data step.
Looking at the requests, the SDK is automatically adding methodType: 'SMS' to the request, which is causing the API to skip the step. When I test the api directly with the payload only including the identifier and authenticator, it correctly takes me to the authenticator-verification-data step.
Payload results in transition to authenticator-verification-data
Describe the bug
Starting the unlock account flow with an okta environment setup to only use text message for recovery automatically selects SMS and skips the authenticator-verification-data step.
I'm calling the flow as follows:
This successfully starts the flow, and the user is immediately sent the text message. The forgot password flow works correctly, and takes the user to the authenticator-verification-data step.
Looking at the requests, the SDK is automatically adding
methodType: 'SMS'
to the request, which is causing the API to skip the step. When I test the api directly with the payload only including the identifier and authenticator, it correctly takes me to the authenticator-verification-data step.Payload results in transition to authenticator-verification-data
Payload results in transition to challenge-authenticator, and the text was sent without confirmation
Reproduction Steps?
idx.unlockAccount
idx.proceed
with the username and authenticator asphone_number
SDK Versions
System:
OS: Windows 10 10.0.19044
CPU: (12) x64 Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz
Memory: 5.66 GB / 31.79 GB
Binaries:
Node: 18.12.1 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.19 - C:\Program Files\nodejs\yarn.CMD
npm: 8.19.2 - C:\Program Files\nodejs\npm.CMD
Browsers:
Edge: Spartan (44.19041.3570.0), Chromium (118.0.2088.57)
npmPackages:
@okta/okta-angular: ^6.2.0 => 6.2.0
@okta/okta-auth-js: ^7.4.2 => 7.4.2
Additional Information?
It looks like the issue is caused here: SelectAuthenticatorUnlockAccount.ts#L44-L52
The text was updated successfully, but these errors were encountered: