You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Periodically our organization administrator requires us to verify our devices, which blocks the SAML authentication process and requires manual verification. This is the screen you would see after a successful authentication in the browser when verification is required.
A more insightful error would be helpful as automatic verification would defeat the security protections. As you can see from the output below the current error is confusing as it indicates the OTP was entered twice instead of directing the user to log in in the browser which is the correct action in this instance.
saml2aws login --force
Using IdP Account default to access AzureAD https://account.activedirectory.windowsazure.com
To use saved password just hit enter.
? Username [email protected]
? Password
Authenticating as [email protected] ...
? Enter verification code 123456
? Enter verification code 123456
Error authenticating to IdP.: error processing MFA, errcode: 500121, message: PhoneAppOtpAuthFailedDuplicateCodeEntered
The verbose output indicates a successful authentication followed by a duplicate code:
// First OTP
{"Success":true,"ResultValue":"Success"}
// Second OTP
{"Success":false,"ResultValue":"PhoneAppOtpAuthFailedDuplicateCodeEntered"}
The text was updated successfully, but these errors were encountered:
Periodically our organization administrator requires us to verify our devices, which blocks the SAML authentication process and requires manual verification. This is the screen you would see after a successful authentication in the browser when verification is required.
A more insightful error would be helpful as automatic verification would defeat the security protections. As you can see from the output below the current error is confusing as it indicates the OTP was entered twice instead of directing the user to log in in the browser which is the correct action in this instance.
The verbose output indicates a successful authentication followed by a duplicate code:
The text was updated successfully, but these errors were encountered: