Version Affected: 20.06+
Description:
End-users can change or delete their FIDO enrollment information through their connection to the SecureAuth realm. However, after the user saves a new Name/Description or deletes an enrollment, the change does not persist and the enrollment reverts to its original state.
Cause:
A Web Application Firewall (WAF) or Load Balancer may be blocking the HTTP PUT and DELETE methods for requests to the FIDO realm. When an end-user updates their FIDO information, a PUT request is sent to update the data; when they delete an enrollment, a DELETE request is sent. If the PUT or DELETE methods are blocked, the networking device denies the request and the update never reaches the realm.
Resolution:
Ensure the Web Application Firewall (WAF) or Load Balancer has a rule allowing the PUT and DELETE methods to the FIDO realm so that users can update or delete their information.
Special Considerations (optional as needed):
When MFA options are set via the New Experience (SWAP) console, the console may also use the PUT method to save changes. If the Admin console is used over a public internet connection, a rule should also be put in place for SecureAuth0.
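To confirm the cause before changing any rule, the WAF or Load Balancer access log can be checked for rejected PUT and DELETE requests to the affected realms. The following is an added example, not SecureAuth code: the log format, the rejection status codes, the `/FidoRealmPlaceholder` path, the resource paths and the sample lines are all assumptions to replace with your own.

```python
import re
from collections import Counter

# Assumption: the WAF/load balancer writes Common Log Format style access lines.
LINE_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# "/FidoRealmPlaceholder" is a placeholder for your FIDO realm path;
# "/SecureAuth0" is the admin realm named in the article.
REALM_PREFIXES = ("/FidoRealmPlaceholder", "/SecureAuth0")
WRITE_METHODS = {"PUT", "DELETE"}
# Assumption: the device rejects a disallowed method with one of these codes.
BLOCK_STATUSES = {403, 405, 501}

# Constructed sample lines (documentation IP range, made-up resource paths).
SAMPLE_LOG = [
    '203.0.113.10 - - [12/Mar/2024:10:01:02 +0000] "GET /FidoRealmPlaceholder/ HTTP/1.1" 200 5120',
    '203.0.113.10 - - [12/Mar/2024:10:01:09 +0000] "PUT /FidoRealmPlaceholder/example-resource HTTP/1.1" 403 162',
    '203.0.113.10 - - [12/Mar/2024:10:01:30 +0000] "DELETE /FidoRealmPlaceholder/example-resource?id=1 HTTP/1.1" 405 0',
    '203.0.113.44 - - [12/Mar/2024:10:02:11 +0000] "PUT /SecureAuth0/example-resource HTTP/1.1" 403 162',
    '203.0.113.51 - - [12/Mar/2024:10:03:00 +0000] "PUT /FidoRealmPlaceholder/example-resource HTTP/1.1" 200 48',
    '203.0.113.77 - - [12/Mar/2024:10:04:00 +0000] "PUT /OtherApp/item HTTP/1.1" 403 162',
    '203.0.113.77 - - [12/Mar/2024:10:04:05 +0000] "DELETE /FidoRealmPlaceholderX/item HTTP/1.1" 403 162',
]


def realm_of(path):
    """Return the matching realm prefix for a request path, or None."""
    clean = path.split("?", 1)[0].lower()
    for realm in REALM_PREFIXES:
        r = realm.lower()
        # Match the realm root or anything beneath it, not look-alike prefixes.
        if clean == r or clean.startswith(r + "/"):
            return realm
    return None


def blocked_writes(lines):
    """Count rejected PUT/DELETE requests per (realm, method, status)."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["method"] not in WRITE_METHODS:
            continue
        realm, status = realm_of(m["path"]), int(m["status"])
        if realm and status in BLOCK_STATUSES:
            hits[(realm, m["method"], status)] += 1
    return hits


if __name__ == "__main__":
    for (realm, method, status), n in sorted(blocked_writes(SAMPLE_LOG).items()):
        print(f"{realm}: {n} x {method} rejected with HTTP {status}")
```

Non-zero counts for a realm indicate that the device, not SecureAuth, is rejecting the update; the allow rule can then be scoped to those realm paths only.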
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.