README
¶
Okta provider
Instructions
Retrieve the AWS application URL from your Okta tenant. This will (may) look something like:
https://$YOUR_ORGANIZATION.okta.com/home/amazon_aws/$OKTA_APPLICATION_ID/$OKTA_OTHER_ID
The path segments /home/amazon_aws
in the above URL may vary.
Features
- Supports MFA (Okta Push, Okta TOTP, Duo, and Google Authenticator), when configured at organization level.
Limitations
- Does not support application-level MFA, per issue #118
Documentation
¶
Index ¶
Constants ¶
View Source
const ( IdentifierDuoMfa = "DUO WEB" IdentifierSmsMfa = "OKTA SMS" IdentifierPushMfa = "OKTA PUSH" IdentifierTotpMfa = "GOOGLE TOKEN:SOFTWARE:TOTP" IdentifierOktaTotpMfa = "OKTA TOKEN:SOFTWARE:TOTP" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthRequest ¶
AuthRequest represents an mfa okta request
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is a wrapper representing a Okta SAML client
func (*Client) Authenticate ¶
func (oc *Client) Authenticate(loginDetails *creds.LoginDetails) (string, error)
Authenticate logs into Okta and returns a SAML response
type VerifyRequest ¶
type VerifyRequest struct { StateToken string `json:"stateToken"` PassCode string `json:"passCode,omitempty"` }
VerifyRequest represents an mfa verify request
Click to show internal directories.
Click to hide internal directories.