Skip to content

Missing "keep-me-signed-in" Remediation in IDX Flow with Okta Auth JS SDK #1612

Description

@ahrarsyed

Describe the bug

We are experiencing a problem with the IDX remediation flow using the Okta Auth JS SDK. Specifically, the remediation option for "keep-me-signed-in" (KMSI) is not available, even when the policy permits KMSI for the user.
When attempting to skip the enrollment of a second factor using idx.proceed({ skip: true }), we encounter an AuthSdkError with the message: "No remediation can match current flow, check policy settings in your org. Remediations: [keep-me-signed-in]." Despite a 200 response from the network indicating success, the SDK interprets this as a failure.

Reproduction Steps?

  • Sign in using the IDX remediation flow with Okta Auth JS SDK.
  • Begin the MFA enrollment process with two factors.
  • Successfully enroll one factor.
  • Attempt to skip the enrollment of the second factor using idx.proceed({ skip: true }).
  • Observe the AuthSdkError and the discrepancy between the network response and SDK behavior.

SDK Versions

7.14.1

Additional Information?

The issue seems related to the availability of the "Keep Me Signed In" (KMSI) remediation option.
It looks like the same issue with KMSI is encountered when the user is prompt for MFA challenge and successfully verifies the passcode. The next remediation step being KMSI throws the same AuthSdkError.
The error message suggests checking policy settings, but the policy does allow KMSI.
We would like to verify if there is a remediator for KMSI in the SDK. If not, we seek guidance on what could be done to handle this scenario effectively.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions