irsil (irsil) asked a question.
Background - most of our Okta users have their login as firstname.lastname and email as a valid email, they access multiple applications, we want to standardized login policy so we decided that login should always be an email, but some of the apps are not yet ready to update the users profile they still want the user to login using their firstname.lastname, so for apps that are ready we want to update their tenant to use the same user profile but instead of updating the user profile (since its shared) just start using the email address to validate against the user profile on a authn call.
What we want to achieve is - current /api/v1/authn validates the username against the login field from the users Okta profile, we want to change this default behavior such that the username we post to the api gets matched with the email field instead of the login field. How can we achieve this. Note - we do not want MFA
Hello @irsil (irsil)
Please check the following link with related information:https://developer.okta.com/docs/guides/oie-embedded-sdk-use-case-sign-in-pwd-email/ios/main/#set-email-as-optional-for-authentication-enrollment
Also, feel free to post this question on our Okta Developer Forums: https://devforum.okta.com and they should be able to help you with this.
Regards,
Henry Esquivel
Okta Inc.
Thanks for the response, this looks like MFA after user is successfully authenticated with username and password, we have a custom login screen, we need the user to enter username as email address and not show the user any MFA verification prompt. we want /api/v1/authn - Primary authentication model to validate the posted username against Okta users profile email field instead of login field.
also posted in dev forum