You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
When a change including a new required MFA factor in Okta is pushed to users, okta-awscli crashes when trying to obtain the session cookie in okta_auth.py::OktaAuth.get_session().
Some investigation showed that the /api/v1/sessions request was returning a HTTP 401 Unauthorized status with the error code "E0000004: Authentication exception".
The crash seems to happen because Okta is accepting the login credentials, but refusing to accept any API calls until the user logs onto the Okta web page and enrolls into the newly-added required MFA factor. After performing the enrollment, the crashes disappear.
To Reproduce
Steps to reproduce the behavior:
Have a preexisting user in Okta
Have a change be pushed to Okta configuration that adds a new required MFA factor
Try to obtain credentials using okta-awscli - a crash will happen after entering the password and performing MFA authentication.
Expected behavior
okta-awscli should return a clear message stating that the server denied the request to obtain the session cookie, and instructing the user to log off of Okta's web page, log back in and follow the instructions shown on the screen (if any) to restore access to their Okta account.
Output
Cannot reproduce the behavior anymore as I've already enrolled into the newly added MFA factor in my Okta account
Environment (please complete the following information):
OS: Windows 10
Version of okta-awscli you're running: 0.5.4
Additional context
N/A
The text was updated successfully, but these errors were encountered:
Describe the bug
When a change including a new required MFA factor in Okta is pushed to users, okta-awscli crashes when trying to obtain the session cookie in okta_auth.py::OktaAuth.get_session().
Some investigation showed that the
/api/v1/sessions
request was returning a HTTP 401 Unauthorized status with the error code "E0000004: Authentication exception".The crash seems to happen because Okta is accepting the login credentials, but refusing to accept any API calls until the user logs onto the Okta web page and enrolls into the newly-added required MFA factor. After performing the enrollment, the crashes disappear.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
okta-awscli should return a clear message stating that the server denied the request to obtain the session cookie, and instructing the user to log off of Okta's web page, log back in and follow the instructions shown on the screen (if any) to restore access to their Okta account.
Output
Cannot reproduce the behavior anymore as I've already enrolled into the newly added MFA factor in my Okta account
Environment (please complete the following information):
Additional context
N/A
The text was updated successfully, but these errors were encountered: