Okta authentication blocked on phone?

Recently my company has started using passwordless login with Okta Verify.

On my Mac laptop, no issues. On my iPhone, however, it sends me into a login loop. If I disable NextDNS on my phone, it logs in successfully.

I'm not sure how to even troubleshoot this to determine how to fix it so that I don't need to flip NextDNS off/on just for logging in from my phone.

6 replies

    • Stuart_Vassey
    • 4 mths ago

    This is a known issue. Okta requires DNS rebind functionality for Okta Verify to work on mobile devices. You can whitelist a domain like [youroktatenantid].authenticatorlocalprod.com, which will allow Verify to work again. Here's a post from Okta describing the issue:

    https://support.okta.com/help/s/article/dns-rebind-protection?language=en_US

      • Bingo
      • 4 mths ago

      That worked out perfect, thank you!

      For reference, [tenantname].authenticatorlocalprod.com didn't work, but just using authenticatorlocalprod.com on its own did.

      • Stuart_Vassey
      • 4 mths ago

      Ah, I should have been more clear: you need to determine YOUR Okta tenant ID (from your DNS logs) and replace [youroktatenantid] with that. You probably don't want to whitelist the whole subdomain *.authenticatorlocalprod.com. Glad it was helpful!
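
Added example, not part of the thread and not Okta or NextDNS code: one way to pull the exact blocked hostname out of a DNS log so that the allowlist entry covers a single host rather than all of authenticatorlocalprod.com. The CSV column names, the `blocked` status value, the hostname `tenant-placeholder` and the answer addresses are constructed assumptions for illustration.

```python
import csv
import io
import ipaddress

BASE = "authenticatorlocalprod.com"  # domain named in the thread

# Constructed sample log. The column names and the "blocked" status value are
# assumptions for this example, not a documented NextDNS export format.
SAMPLE_LOG = """timestamp,domain,answer,status
2024-01-01T10:00:00Z,example.okta.com,203.0.113.10,allowed
2024-01-01T10:00:01Z,tenant-placeholder.authenticatorlocalprod.com,127.0.0.1,blocked
2024-01-01T10:00:02Z,tenant-placeholder.authenticatorlocalprod.com,127.0.0.1,blocked
2024-01-01T10:00:03Z,notauthenticatorlocalprod.com,127.0.0.1,blocked
2024-01-01T10:00:04Z,other.authenticatorlocalprod.com,198.51.100.7,allowed
"""


def is_rebind_answer(answer: str) -> bool:
    """True when the answer is a loopback or private-use address, the kind of
    response a DNS rebind filter refuses to return for a public name."""
    try:
        ip = ipaddress.ip_address(answer)
    except ValueError:
        return False  # not an IP literal (e.g. a CNAME target)
    return ip.is_loopback or ip.is_private


def blocked_tenant_hosts(log_text: str, base: str = BASE) -> list[str]:
    """Return the exact hostnames under `base` that were blocked with a
    loopback/private answer: the candidates for a narrow allowlist entry."""
    hosts = set()
    for row in csv.DictReader(io.StringIO(log_text)):
        name = row["domain"].strip().rstrip(".").lower()
        # Label-boundary match: "x.<base>" qualifies, "not<base>" does not.
        if not name.endswith("." + base):
            continue
        if row["status"] == "blocked" and is_rebind_answer(row["answer"]):
            hosts.add(name)
    return sorted(hosts)


if __name__ == "__main__":
    for host in blocked_tenant_hosts(SAMPLE_LOG):
        print("allowlist candidate:", host)
```
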

    • Nick.26
    • 2 mths ago

    I have tried all of these fixes, but none work.

    Has something changed?
