OKTA-535220 - Add tMFA readme changes

[moisesolmedo-okta]

Problem Analysis (Technical)

Solution (Technical)

Affected Components

Steps to reproduce:

Actual result:

Expected result:

Tests

[FeiChen-okta]

@tommywong-okta can you also update the android one to be same or similar to iOS. can do this in your next PR

[mauricesharp-okta]

I thought CIBA sent challenges to authorize an action on some other device. The wording below says “authorize requests from your app”, but I think it’s supposed to be “

Enable your app to respond to CIBA authorization challenges sent by the Okta backend server. CIBA challenges are disabled by default. The following code shows how to enable challenges for each of the enrolled custom authenticators of your app.

On Oct 25, 2022, at 5:28 PM, Moises Olmedo @.***> wrote:

This message originated outside your organization.

@moisesolmedo-okta commented on this pull request.

In README.md https://github.com/okta/okta-devices-swift/pull/72#discussion_r1004980130:

+### Enable using your app for Client Initiated Backchannel Authentication (CIBA) +Enable the Okta backend to send CIBA challenges that verify a user's identity to your app. CIBA challenges are disabled by default. The following code shows enabling challenges for each of your app's enrollments. Makes sense, this would be more accurate:

Enable the Okta backend to send CIBA challenges to authorize requests from your app. CIBA challenges are disabled by default. The following code shows enabling challenges for each of your app's enrollments.

— Reply to this email directly, view it on GitHub https://github.com/okta/okta-devices-swift/pull/72#discussion_r1004980130, or unsubscribe https://github.com/notifications/unsubscribe-auth/AWKDU3W5KTUIBIF5HY4DKHDWFBGHHANCNFSM6AAAAAARLQ2ITI. You are receiving this because you were mentioned.

[mauricesharp-okta]

So far this talks about enabling CIBA. What about responding to the challenge? Is there anything different a developer needs to do or is it just another challenge that’s handled by this kind of code:

func initOktaDeviceAuthenticator() { do { let applicationConfig = ApplicationConfig(applicationName: "Your-app-name", applicationVersion: "Your-app-version", applicationGroupId: "com.your.group.id", ) applicationConfig.approveActionTitle = "Approve" applicationConfig.denyActionTitle = "Deny" applicationConfig.userVerificationActionTitle = "Verify in YourAppName" ...

On Oct 25, 2022, at 5:55 PM, Fei Chen @.***> wrote:

This message originated outside your organization.

@tommywong-okta https://github.com/tommywong-okta can you also update the android one to be same or similar to iOS. can do this in your next PR

— Reply to this email directly, view it on GitHub https://github.com/okta/okta-devices-swift/pull/72#issuecomment-1291185378, or unsubscribe https://github.com/notifications/unsubscribe-auth/AWKDU3U6T22J4HMFL474MDTWFBJOLANCNFSM6AAAAAARLQ2ITI. You are receiving this because you were mentioned.

[moisesolmedo-okta]

@mauricesharp-okta There's no change for developers to respond to the challenge, same as before. Only difference is we added a new challenge protocol in case they want to retrieve the CIBA binding message. Added an example on SampleApp, following the same pattern we've been using to get other properties from the challenge (such as client location, OS, date, etc): https://github.com/okta/okta-devices-swift/blob/master/Examples/PushSampleApp/SampleApp/UserConsent/UserConsentViewModel.swift#L79

[mauricesharp-okta]

Thanks @moisesolmedo-okta. @tommywong-okta , please include me on the PR for the Android wording. Once I have that I can update the existing custom authenticator docs with this option.