Skip to content

Commit

Permalink
Adding mfa support to okta auth backend.
Browse files Browse the repository at this point in the history
  • Loading branch information
@BSick7
BSick7 committed Dec 5, 2017
1 parent 6b29fb2 commit 20fe502
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 3 deletions.
8 changes: 6 additions & 2 deletions builtin/credential/okta/backend.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"fmt"

"github.com/chrismalek/oktasdk-go/okta"
"github.com/hashicorp/vault/helper/mfa"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/logical/framework"
)
Expand All @@ -22,6 +23,8 @@ func Backend() *backend {
Help: backendHelp,

PathsSpecial: &logical.Paths{
Root: mfa.MFARootPaths(),

Unauthenticated: []string{
"login/*",
},
Expand All @@ -33,8 +36,9 @@ func Backend() *backend {
pathGroups(&b),
pathUsersList(&b),
pathGroupsList(&b),
pathLogin(&b),
}),
},
mfa.MFAPaths(b.Backend, pathLogin(&b))...,
),

AuthRenew: b.pathLoginRenew,
BackendType: logical.TypeCredential,
Expand Down
2 changes: 1 addition & 1 deletion website/source/docs/auth/mfa.html.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Several authentication backends support multi-factor authentication (MFA). Once
a backend, users are required to provide additional verification, like a one-time passcode,
before being authenticated.

Currently, the "ldap", "radius" and "userpass" backends support MFA.
Currently, the "ldap", "okta", "radius", and "userpass" backends support MFA.

## Authentication

Expand Down

0 comments on commit 20fe502

Please sign in to comment.