Skip to content

Commit

Permalink
Adding mfa support to okta auth backend. (#3653)
Browse files Browse the repository at this point in the history
  • Loading branch information
BSick7 authored and jefferai committed Dec 7, 2017
1 parent c767dc4 commit dc70b1c
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 3 deletions.
8 changes: 6 additions & 2 deletions builtin/credential/okta/backend.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"fmt"

"github.com/chrismalek/oktasdk-go/okta"
"github.com/hashicorp/vault/helper/mfa"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/logical/framework"
)
Expand All @@ -22,6 +23,8 @@ func Backend() *backend {
Help: backendHelp,

PathsSpecial: &logical.Paths{
Root: mfa.MFARootPaths(),

Unauthenticated: []string{
"login/*",
},
Expand All @@ -36,8 +39,9 @@ func Backend() *backend {
pathGroups(&b),
pathUsersList(&b),
pathGroupsList(&b),
pathLogin(&b),
}),
},
mfa.MFAPaths(b.Backend, pathLogin(&b))...,
),

AuthRenew: b.pathLoginRenew,
BackendType: logical.TypeCredential,
Expand Down
2 changes: 1 addition & 1 deletion website/source/docs/auth/mfa.html.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Several authentication backends support multi-factor authentication (MFA). Once
a backend, users are required to provide additional verification, like a one-time passcode,
before being authenticated.

Currently, the "ldap", "radius" and "userpass" backends support MFA.
Currently, the "ldap", "okta", "radius", and "userpass" backends support MFA.

## Authentication

Expand Down

0 comments on commit dc70b1c

Please sign in to comment.