https://www.ory.sh/ logo
#talk-kratos
Title
# talk-kratos
f

faint-energy-48611

02/14/2022, 1:04 PM
@User I am testing the webauthn 2FA stuff right now and I've noticed a strange behavior - when I remove the security key in settings, log out and try to log in again, the flow response lacks the whole "webauthn" group - there's just the csrf_token and a message to use the security key. So the user is basically locked out of logging in. Is this a bug or I just messed something up?
Copy code
{
  "id": "e8fa25e4-e363-40bd-ba2e-dbcfa74b30e9",
  "type": "browser",
  "expires_at": "2022-02-14T13:26:53.528845Z",
  "issued_at": "2022-02-14T12:55:53.528845Z",
  "request_url": "<http://localhost:4433/self-service/login/browser?aal=aal2>",
  "ui": {
    "action": "<http://localhost:4433/self-service/login?flow=e8fa25e4-e363-40bd-ba2e-dbcfa74b30e9>",
    "method": "POST",
    "nodes": [
      {
        "type": "input",
        "group": "default",
        "attributes": {
          "name": "csrf_token",
          "type": "hidden",
          "value": "wC7XlHivQTZZcv80jRNAMO4mkOONWQnoWZm98WUe1vI7+h592/pDmt1/p3Ra3lkZ6YP8BwboDZULW/+F79xn3g==",
          "required": true,
          "disabled": false,
          "node_type": "input"
        },
        "messages": [],
        "meta": {}
      }
    ],
    "messages": [
      {
        "id": 1010004,
        "text": "Please complete the second authentication challenge.",
        "type": "info",
        "context": {}
      }
    ]
  },
  "created_at": "2022-02-14T12:55:53.537337Z",
  "updated_at": "2022-02-14T12:55:53.537337Z",
  "refresh": false,
  "requested_aal": "aal2"
}
EDIT: apparently, this is already fixed in master, but not released yet ๐ŸŽ‰: https://github.com/ory/kratos/issues/2225#issuecomment-1039433142
h

high-optician-2097

02/14/2022, 1:05 PM
Hey, appreciate your questions but please donโ€™t ping me for every one ๐Ÿ™‚ There are also others that can help!
f

faint-energy-48611

02/14/2022, 1:05 PM
Sorry ๐Ÿ™ˆ
3 Views