ShekharD.60781 (Customer) asked a question.
OKTA integration with AWS SFTP sever
Hi,
We are working on a use case to integrate OKTA with AWS SFTP server, when user login to SFTP server gets authenticated via OKTA API by passing password and six digit MFA code from OKTA verify.
Issues we have--
- When user authenticate using password and MFA code why there is second verification using Push notification.
- Is there a way, if we can use only push notification for users instead of appending six digit MFA code with password.
- Push notification gives wrong user location always from US Oregon region. How to fix this.
Any help will be appreciated.
Hi @ShekharD.60781 (Customer) , Thank you for reaching out to the Okta Community!
If you are already using the totp code, push should not be required. Perhaps review any sign on policy that might be overlapping causing a double request for MFA.
https://help.okta.com/en-us/Content/Topics/Security/MFA_App_Level.htm
https://help.okta.com/en-us/Content/Topics/Security/policies/policies-home.htm
In case you have not had a chance, please review the following article as well:
https://aws.amazon.com/blogs/storage/using-okta-with-multi-factor-authentication-for-aws-transfer-for-sftp/
As for the location issue, please review our networking documentation:
https://help.okta.com/en-us/Content/Topics/Security/network/about-dynamic-zones.htm
In short:
Locations are determined based on the IP of the request using MaxMind as the geolocation provider. For issues with location accuracy or information about how country and region codes are used, see MaxMind and GeoIP Legacy Codes.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.