Open kaitea opened 4 years ago
I'd also be interested in this! If there's a clean way of implementing it within the tool, is it something you'd take a PR for?
I'd be interested in this as well. okta-aws currently does this, via cached tokens in ~/.okta/cookies.properties
This would help out UX immensely. I have an Amazon Web Services "sign on" rule that requires an MFA challenge once per session. It requires an Okta double push which confuses and irritates the end-users.
My company has its own, much modified version of https://github.com/RedVentures/oktad that we're trying to get away from, but the caching is a pretty serious need for our workflows. Most of our teams work in 2-5 accounts a day and regularly for-loop auth to them, but having to do the MFA dance on each and every account (sometimes as many as a dozen) is exceptionally tedious.
Love this tool otherwise and would love to see this feature.
I think this is already implemented in the most recent version of this tool? Today I tried it out and it stopped asking me for Okta OTP in my multiple, sequential saml2aws runs.
When running saml2aws login, it keeps asking for the MFA token for every new login attempt (to a different AWS account).
Is there a way to cache the login session to IDP (Okta) and not have to enter an MFA token for login attempts to different AWS accounts? (Our Okta setup allows for 24hr login session, after password and MFA token entry)
Thanks