Why Does Oracle Access Manager (OAM) MFA/OMA/TOTP Allow Only One Invalid Pin Entry Resulting In "Authentication Failed"
(Doc ID 2853771.1)
Last updated on SEPTEMBER 08, 2023
Applies to:
Oracle Access Manager - Version 12.2.1.4.0 and laterInformation in this document applies to any platform.
Goal
Why Does Oracle Access Manager (OAM) MFA/OMA/TOTP Allow Only One Invalid Pin Entry Resulting In "Authentication Failed"
Back ground
- Configured Oracle Mobile Authenticator (OMA) with Time-based One Time Password (TOTP) and 2nd Factor Authentication (2FA) on Oracle Access Manager (OAM) 12.2.1.4.0.
- Authentication is working as expected when valid 6 digit time based code is entered.
- When user enters an invalid code, the OAM default page or Custom page (oamcustompages.war) will show "Authentication Failed" message.
- When it shows the "Authentication Failed" message, the user cannot re-enter a pin as input box will disappear. The user has to open a new browser session to enter a new PIN again.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |