Okta
From wikinotes
Okta is a proprietary identity authentication service.
Documentation
api docs https://developer.okta.com/docs/reference/api/authn/ okta_authn_mfa.sh https://github.com/oktadeveloper/okta-cli-mfa-example/blob/master/okta_authn_mfa.sh
Tutorials
MFA on cli https://developer.okta.com/blog/2018/06/22/multi-factor-authentication-command-line
Authorization
Commandline
NOTE:
I was able to complete authentication, but never figured out how to access resources behind it... I'm guessing the token gets set as a header somewhere?
sudo pacman -S bash jq # inspired by: https://raw.githubusercontent.com/oktadeveloper/okta-cli-mfa-example/master/okta_authn_mfa.sh USERNAME=foo PASSWORD=bar DOMAIN=xyz.okta.com auth_reply=$(curl -s -X POST \ -H "Content-Type: application/json" \ -d "{\"username\": \"${USERNAME}\", \"password\": \"${PASSWORD}\"}" \ ${DOMAIN}/api/v1/authn) status=$(echo $auth_reply | jq -r '.status') if [[ "$status" == "SUCCESS" ]] ; then token=$(echo $auth_reply | jq -r '.sessionToken') factortype=$(echo $auth_reply | jq -r '._embedded.factors[0].factorType') provider=$(echo $auth_reply | jq -r '._embedded.factors[0].provider') verify_url=$(echo $auth_reply | jq -r '._embedded.factors[0]._links.verify.href') echo "Please enter code from $provider auth app: " read code_from_auth_app if [[ "$factortype" == "token:software:totp" ]] ; then verify_reply=$(curl -s -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -d "{ \"stateToken\": \"${token}\", \"passCode\": \"${code_from_auth_app}\", }" ${verify_url}) status=$(echo $verify_reply | jq -r '.status') token=$(echo $verify_reply | jq -r '.sessionToken') # my understanding is that here you are "logged in" # .. still uncertain how to access underlying resources (ex: slack) .. else # ... other factortypes (see apidocs) ... fi fi