Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
Configure EMAIL OTP and add it to a SP as a MFA option [3].
Configure SMS OTP and add it to a SP as a MFA option [4][5].
In addition to the EmailOTP and SMSOTP configurations, add the following configuration to the deployment.toml so that it displays the value of the 'authFailureMsg' passed in the payload.
Issue Description EmailOTP Authenticator returns generic error "authentication.fail.message" for expired OTPs [1] whereas SMSOTP authenticator checks and returns "token.expired" for expired OTPs [2].
[1] - https://github.com/wso2-extensions/identity-outbound-auth-email-otp/blob/v3.0.25/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/emailotp/EmailOTPAuthenticator.java#L983-L998
[2] - https://github.com/wso2-extensions/identity-outbound-auth-sms-otp/blob/v3.1.9/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/smsotp/SMSOTPAuthenticator.java#L692-L731
Steps to Reproduce
Configure EMAIL OTP and add it to a SP as a MFA option [3].
Configure SMS OTP and add it to a SP as a MFA option [4][5].
In addition to the EmailOTP and SMSOTP configurations, add the following configuration to the deployment.toml so that it displays the value of the 'authFailureMsg' passed in the payload.
[3] - https://is.docs.wso2.com/en/5.10.0/learn/configuring-email-otp/?=[^@]*?@#configure-the-email-otp-provider [4] - https://is.docs.wso2.com/en/5.10.0/learn/configuring-sms-otp/ [5] - https://is.docs.wso2.com/en/5.10.0/learn/configuring-multifactor-authentication/#enable-smsotp
Product : wso2is-5.10.0 Related Git Issues: wso2/product-is#15525