SecureAuth IdP Version affected: 9.0.2 and 9.1
Credential Provider version affected: Any prior to 2.8.2
After upgrading the IdP to 9.0.2 or newer, users who are required to OTP via the Credentials Provider fail to login.
The Audit log for the realm should show the following error
ReadOATHProvisionDataByUserName: Failed - Object reference not set to an instance of an object.</Message></Root>
If you are currently on a Credential Provider version older than 2.8.2 it is recommended that you upgrade to the latest version to fix this issue.
If that is not possible, these steps should fix the issue
1. Open the Admin Console
2. Navigate to Realm998 and click on the System Info page
3. Scroll to the bottom and open the Web.Config editor
4. Add the following app setting to the web.config
<add key="CpValidateOTP" value="False" />
5. Click Save
Remember, you will need to remove this setting when you upgrade to the later Credential Provider version (2.8.2 or newer)
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.