An organization is attempting to integrate TeleSign as a third-party telephony provider for Okta SMS factors. Despite having a valid Customer ID and API Key, the setup preview returns the error mentioned below, indicating that TeleSign is rejecting the credentials provided in the hook configuration.

Remote server responded with client error, responseCode=401 message=Unauthorized

• Okta Identity Engine (OIE)
• Telephony Inline Hook
• Initial Setup
• Credential Update

TeleSign requires Basic Authentication for its API. The error occurs when the Authorization header in the Okta Inline Hook configuration is either missing or contains a string that is not properly formatted as a Base64-encoded pair of the Customer ID and API Key.

To resolve the error, manually generate the Base64-encoded string and apply it correctly to the Inline Hook's Authorization header.

1. Locate the Customer ID and API Key from the TeleSign portal.
2. Combine them into a single string using the format: CustomerID:APIKey. Ensure there is a colon punctuation mark between them.
3. Convert that entire string (including the colon) into a Base64 encoded format.
   • Example: If the Customer ID is 123 and the API Key is abc, encode 123:abc to get MTIzOmFiYw==.
4. Update Okta Configuration:
   1. Log in to the Okta Admin Console.
   2. Navigate to Workflow > Inline Hooks.
   3. Select the TeleSign Telephony Hook.
   4. Under the Auth Header section, ensure the Auth Scheme is set to Header.
   5. In the Authorization field, enter the word Basic followed by a space and the Base64 string.
   6. Format: Basic [Example_Base64_String]
5. Test: Use the Preview tab in the Hook configuration to verify the 200 OK response.

Related References

• Okta telephony - Generate authentication secret using API explorer