MichaelJ.57862 (Customer) asked a question.
deviceToken in authn API does not work
I’m using the /authn API to authenticate a user with the deviceToken as part of the context body as follow:
I’m able to get a sessionToken after going through MFA_REQUIRED, but I get challenged at every subsequent logins because my new device policy is being triggered. It seems like the New Device behavior policy does not understand the deviceToken. I keep seeing that my request is coming as a new device. Has anyone has seen this issue with OIE?
Hello @MichaelJ.57862 (Customer) Thank you for reacting out to our Community!
Please see the answer to this question on our document below:
https://support.okta.com/help/s/article/Device-Token-in-Auth-API?language=en_US
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.
Join us in the Oktane discussion group to connect with attendees or just stay connected to the event.
Hi Paul,
Thanks for the reply. This proposed solution does not work. This is exactly what I'm reporting. If you have the NEW DEVICE behavior enabled in your Global Session Policy in OIE, you will always get challenged for MFA. Even if you have succesfully authenticated and validated your MFA with the deviceToken in the context body.
There seems to be an issue where the NEW DEVICE policy is not trusting the deviceToken coming from API calls.