By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

MFA trouble, QR or TOTP not accepted

0

Which "code" is invalid: the QR or the TOTP?
I have generated QR codes which both "Duo Mobile" and "Google Authenticator" find acceptable (and that took a while)
but when I enter the 6-digit response I get
"Invalid code provided, please request a code again."
Entering a second POTP doesn't help, nor does starting over with a new QR (after deleting account).
The QR comes from

qr_code = "otpauth://totp/AWSCognito:" + user.username + "?secret=" + code + "&issuer=Cognito";

The name and password pass cognito check.
Cognito configs:
Allowed flows: Authorization code grant, Implicit grant
Allowed scopes: phone, openid

Edited by: segmented on Jul 6, 2020 6:59 PM

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
segmented
asked 4 years ago829 views
1 Answer
0

It was the QR code: The problem was resolved by getting the correct user (and hence user.name) in play.

segmented
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content