Oracle Advanced Authentication(OAA): Handle Incorrect OTP Use Case In OAA Oct 2024 (Doc ID 3072871.1)

Last updated on FEBRUARY 19, 2025

Applies to:

Oracle Advanced Authentication - Version 12.2.1.4 and later
Information in this document applies to any platform.

Goal

The customer initially entered an incorrect OTP. When they tried again with the correct OTP, the response indicated an incorrect OTP. It was noticed that the 'nonce' parameter is dependent on the OTP parameter.

In the user challenge/initialize/validation API flow, a nonce is generated. During validation, the OTP and nonce are submitted together.
If the OTP is incorrect, retrying with the correct OTP and the same nonce results in an error. The nonce cannot be reused unless the challenge is redone to generate a new nonce.

Solution

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Goal

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Oracle Advanced Authentication(OAA): Handle Incorrect OTP Use Case In OAA Oct 2024 (Doc ID 3072871.1)

Applies to:

Goal

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!