Nike-Inc / gimme-aws-creds

A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
Apache License 2.0
919 stars 262 forks

[Bug] Okta MFA Verification requirement coming up each time command is run #433

Open pranav-bhatt opened 11 months ago

pranav-bhatt commented 11 months ago

Each time I run gimme-aws-creds, the Okta MFA Verification is required by me each time I run the command. It's quite an inconvenience, and I'm not sure what changed. This issue started occurring just a few weeks ago, and I haven't made any account changes in the past few months.

Expected Behavior

In the past, it would remember that I have performed MFA already, and would remain authenticated at least for a few hours.

Current Behavior

I have to perform MFA each time I run the command. Okta doesn't remember that I've already authenticated. The same issue doesn't happen with my browser, where Okta remembers that I've logged in (even after I close and reopen within a few hours).

Your Environment

pranav-bhatt commented 11 months ago

The -m flag has no effect

anukrati1507 commented 11 months ago

I am facing the same issue. The flag seems not to be working as expected.

pranav-bhatt commented 11 months ago

@epierce any idea about this? If you need any extra info, I'll be happy to provide the same :)

epierce commented 11 months ago

Have you run gimme-aws-creds --register-device? That will set the device_token value that will be sent to Okta in the DT token. The -m flag doesn't do anything without the device token.

pranav-bhatt commented 11 months ago

Yes, I have tried with that flag but it still asks for MFA each time 😞

Another thing I noticed is that my device shows up as 'Unrecognised Device' each time now in the MFA prompt. Earlier it used to show up as 'Mac OS...' or something similar.

kylefuhrmanncalm commented 10 months ago

Adding on here: If I don't have device_token in the config file, using -m for me appropriately confirms that I registered a new device, and no longer has Unrecognized Device on my Okta Verify prompt, but it does still ask me to verify each login.

So it seems in my example, it's appropriately at least recognizing that it's sending the device token.