-
Notifications
You must be signed in to change notification settings - Fork 265
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unlock account with voice disabled skips authenticator-verification-data step #1468
Comments
Thanks for reporting this issue |
Hi @denysoblohin-okta , is there any update on this issue? |
As a workaround you can use low-level API methods like await authClient.idx.start({
flow: 'unlockAccount',
});
await authClient.idx.proceed({
identifier: "user@example.com",
authenticator: {
id: "{phone_authenticator_id}"
},
step: "select-authenticator-unlock-account",
});
await authClient.idx.proceed({
authenticator: {
id: "{phone_authenticator_id}",
methodType: "sms"
},
step: "authenticator-verification-data",
});
instead of using |
@denysoblohin-okta , I tried the way you suggested. It still redirects me to code verification page directly. |
You mean you don't receive SMS on your phone? |
@denysoblohin-okta , yes. Thanks for your helping. I really appreciate. |
Describe the bug
Starting the unlock account flow with an okta environment setup to only use text message for recovery automatically selects SMS and skips the authenticator-verification-data step.
I'm calling the flow as follows:
This successfully starts the flow, and the user is immediately sent the text message. The forgot password flow works correctly, and takes the user to the authenticator-verification-data step.
Looking at the requests, the SDK is automatically adding
methodType: 'SMS'
to the request, which is causing the API to skip the step. When I test the api directly with the payload only including the identifier and authenticator, it correctly takes me to the authenticator-verification-data step.Payload results in transition to authenticator-verification-data
Payload results in transition to challenge-authenticator, and the text was sent without confirmation
Reproduction Steps?
idx.unlockAccount
idx.proceed
with the username and authenticator asphone_number
SDK Versions
System:
OS: Windows 10 10.0.19044
CPU: (12) x64 Intel(R) Core(TM) i7-8850H CPU @ 2.60GHz
Memory: 5.66 GB / 31.79 GB
Binaries:
Node: 18.12.1 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.19 - C:\Program Files\nodejs\yarn.CMD
npm: 8.19.2 - C:\Program Files\nodejs\npm.CMD
Browsers:
Edge: Spartan (44.19041.3570.0), Chromium (118.0.2088.57)
npmPackages:
@okta/okta-angular: ^6.2.0 => 6.2.0
@okta/okta-auth-js: ^7.4.2 => 7.4.2
Additional Information?
It looks like the issue is caused here: SelectAuthenticatorUnlockAccount.ts#L44-L52
The text was updated successfully, but these errors were encountered: