Closed tculp closed 1 year ago
remember_device
and the --remember-device, -m
flags don't have an affect on the saving of a device token. They set the rememberDevice
value that will be sent back to Okta when verifying a MFA challenge - this is the same thing as checking the "Don't prompt me again on this device" checkbox in the Oct login UI. A device token is sent to the client regardless of the value.
If you don't want the config file to be updated, you can set remember_device
to any random string.
Having
remember_device = False
and no device_token in the config file still saves a device token.Expected Behavior
Configuring to not remember a device should not save a device token.
Current Behavior
A device token is saved.
Possible Solution
Updating the logic in
handle_action_register_device
One workaround previously was setting
device_token = ''
in the config file, but it looks like https://github.com/Nike-Inc/gimme-aws-creds/commit/4aee4ed0d58ee7cab3de8a95d6958214ddd097f8 removed that.Steps to Reproduce (for bugs)
Context
Depending on permissions the config file may not be writable, so gimme-aws-creds cannot be used without disabling this feature.
Your Environment