ChristopherM.42189 (Customer) asked a question.
The workflow is as follows:
The user receives the "Sign in" banner in Outlook on iOS and taps it
The user receives the Microsoft Authenticator "Open Authenticator" button and taps it
The user is prompted for their email/OKTA password in Outlook on iOS
User inputs their password into the OKTA sign-in pop-up
User receives, "Unable to sign in" error
There are no failed or invalid sign in attempts in their OKTA sign in logs and Microsoft sign in logs
The user is able to login to their OKTA dashboard on their computer successfully (MyOrg.okta.com)
The user is able to login to every other service federated in OKTA without issue on their computer
The only fix we have identified is to have the user reset their password on their end or have IT reset their password
Troubleshooting that has not worked:
Verified that users OKTA accounts are not locked
Verified that their password is not expired
Restarting the phone
Performed a forced restart on the phone
Performing an account reset in the Outlook app
Removing the Outlook account from the app and re-adding it
Deleting and reinstalling the Outlook app
Date and time is on "Set Automatically"
Network connection is stable
Several users in our organization have reported the same issue.
Same issue as the following post:
https://support.okta.com/help/s/question/0D54z00007HZ0bhCAD/unable-to-sign-in?language=en_US
Hello @ChristopherM.42189 (Customer) Thank you for posting on our Community page!
If there is a failed attempt to login into Okta, the System log should track it. That being said, I would recommend to review the logs in Okta side as soon as the user tries to sign in and have the search blank so that it will return all results.
This way you will be able to see if there is a policy/bad username and password or any other issue that denies the user to login on their phone.
My initial hunch tells me that the user is blocked by a policy, however since you mentioned that after a password reset it works it might lead me to believe that this might be related to Threat inside, where since the login is detecting a new device it might automatically block it.
Thank you for reaching out to our Community and have a great day!
--
Join the discussion for the Ask Me Anything online event on May 23, 2024 with Okta Tactical Edge Product Experts
Greetings @nfmez (nfmez) ! I have reviewed the logs on the OKTA side and the user's sign in attempts do not appear there. As far as I can tell, there is no record that I can see where the user attempted to sign in. Do you have any other suggestions?
Hi @ChristopherM.42189 (Customer) If there are no authentication attempts in the Okta System log that means the user never reaches Okta so the problem might be someplace else.
I would recommend to open a Case with Support for additional assistance.
Thank you for reaching out to our Community and have a great day!
--
Join the Ask Me Anything online event on June 13, 2024 to discuss the new Govern Okta Admin Roles feature with our Experts