SecureAuth IdP Version Affected: 9.1,9.2,9.3
Devices enrolled with OATH Token stored as either "JSON" or "JSON Encrypted" can successfully register/enrol but the TOTP never matches for subsequent logon attempts.
The Error log will contain this solitary error:
SecureAuth.OTP.TotpToken.VerifyOtp: Exception: Object reference not set to an instance of an object.
Storing OATH Token as Plain Binary works correctly and allows TOTP authentication to succeed.
Product defect EE-997
Addressed in hotfix 9.2.0-20
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.