Okta Eventhook for Twilio feedback returning error

[lgaudreau]

I've configured the Okta integration with Twilio Verify successfully following the instructions in this document with the code from this repository: https://www.twilio.com/en-us/blog/okta-byot-verify

Twilio is sending the SMS codes and users are able to authenticate with them.

When testing the Feedback event webhook using user.authentication.auth_via_mfa, Okta shows 'Request Delivery Successful', but Twilio shows the following error in the live logs:

TypeError: Cannot read properties of null (reading 'includes') at exports.handler (/var/task/handlers/ZN2c1b52584b162b86b02e9be688d9b70d.js:24:219) at exports.handler (/var/task/node_modules/runtime-handler/index.js:339:10) at exports.handler (/var/task/runtime-handler.js:17:17) at Runtime.handleOnceNonStreaming (file:///var/runtime/index.mjs:1173:29)

When testing user.mfa.factor.authenticate, the following error shows in the live logs:

TypeError: OktaClient.getUser is not a function at exports.handler (/var/task/handlers/ZN2c1b52584b162b86b02e9be688d9b70d.js:30:33) at exports.handler (/var/task/node_modules/runtime-handler/index.js:339:10) at exports.handler (/var/task/runtime-handler.js:17:17) at Runtime.handleOnceNonStreaming (file:///var/runtime/index.mjs:1173:29)

The @okta/okta-sdk-nodejs version 7.1.1 module has been added as a dependency. Testing with @okta/okta-sdk-nodejs 7.1.0 and 6.6.0 returns the same errors.

The Verify log status for each event only changes to 'expired', never approved.

I'm not sure how to resolve this. I have a case open with Twilio support, but there has been no resolution so far.

[mingchaoma]

thanks for the feedback, can you try the following configuration

after you update the dependency, make sure you hit Deploy All button to deploy the code.

BTW, I am reviewing the code and plan to make a change to use Okta list factor API rather than Okta user API to get the phone number

[mingchaoma]

ok, checked Okta changelog, it looks like Okta introduced a breaking change to the API. I updated the code and tested with 7.1.1, it works now.

[lgaudreau]

Thank you - after updating the function with the updated code from Github, I'm getting a new error and the status is still going to expired, using 7.1.1:

TypeError: Cannot read properties of null (reading 'replace') at exports.handler (/var/task/handlers/ZN867270559ac2664c90cbbf5c46913e5b.js:31:49) at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

In case it's helpful, running the updated function with version 6.0.0 returns:

TypeError: Cannot read properties of undefined (reading 'getUser') at exports.handler (/var/task/handlers/ZN867270559ac2664c90cbbf5c46913e5b.js:30:41) at exports.handler (/var/task/node_modules/runtime-handler/index.js:339:10) at exports.handler (/var/task/runtime-handler.js:17:17) at Runtime.handleOnceNonStreaming (file:///var/runtime/index.mjs:1173:29)

[llvee]

@lgaudreau Interested in contributing to Twilio issue resolutions, could yourself or your team benefit from more assistance with issues like this one?

[mingchaoma]

I updated the code a few weeks ago, replaced getUser API with listFactor API, it should work now.

[llvee]

@mingchaoma Has there been any testing to verify issue resolution? Is that something you or the team would like some help with?

[lgaudreau]

Hi @mingchaoma,

I updated the code a few weeks ago, replaced getUser API with listFactor API, it should work now.

Will Twilio Verify Fraud Guard work with the phone number registered as the MFA device with listFactor, or will it still use the phone number in the Okta user profile?

Thanks!

[llvee]

@mingchaoma I am also up to help with questions like the above if your team would like some more help.

[mingchaoma]

@lgaudreau OKTA MFA uses factor phone numbers

[mingchaoma]

@llvee thanks, feel free to jump in

[llvee]

@mingchaoma Which issues from your perspective are the best to contribute to?