SecureAuth IdP Version affected: 20.06
Description:
In SecureAuth Identity Platform, the user is unable to receive SMS or Voice OTP outside the US.
No Error shows up at MFA Screen when trying to login however you don't get the OTP/Voice OTP.
Upon checking the logs we found that the phone number is correct however by defaultregion is mentioned as the US and the defaultCountryCode is 1 which is not allowing you to receive the SMS/Voice OTP Request outside the US.
----------------------------------------
LogChannel="SA_DEBUG" FormatVersion="0.0.1" EventID="-1" Timestamp="2021-05-04T07:19:45.235Z" CompanyID="" ApplianceID="" Realm="" UserID="" BrowserSession="" StateMachineID="" RequestID="" UserHostAddress="" Message="OneTimePasswordProvider.PrepPhone inputPhone = 9012344850"
----------------------------------------
----------------------------------------
LogChannel="SA_DEBUG" FormatVersion="0.0.1" EventID="-1" Timestamp="2021-05-04T07:19:45.235Z" CompanyID="" ApplianceID="" Realm="" UserID="" BrowserSession="" StateMachineID="" RequestID="" UserHostAddress="" Message="OneTimePasswordProvider.PrepPhone defaultCountryCode = 1"
----------------------------------------
----------------------------------------
LogChannel="SA_DEBUG" FormatVersion="0.0.1" EventID="-1" Timestamp="2021-05-04T07:19:45.235Z" CompanyID="" ApplianceID="" Realm="" UserID="" BrowserSession="" StateMachineID="" RequestID="" UserHostAddress="" Message="OneTimePasswordProvider.PrepPhone defaultRegion = US"
Cause:
The + is missing from the Users phone number so we do not recognise that a country code is already present.
This was not required in IDP 9.3 or earlier versions so previously working numbers may stop working on upgrade
Resolution:
Option1:
The phone number in the User AD/LDAP Profile should be saved in +XX-XXXXXXX format.
Please remember to add + before the country code to define the correct country region.
Option2:
If all your Users are in the same country and you haven't included a country code for their phone numbers already, instead of editing all the numbers in AD, you have the option to add a default country code.
1. Open the Admin Console and navigate to the multifactor methods tab.
2. Update the Country Code in the SMS/Voice Section to have your country code.
In the example below, we've set the country code for India with the country code 91.
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.