Users cannot log on to Symantec VIP Self-Service Portal with temporary security codes

Article ID: 243904

Products

VIP Service

Issue/Introduction

Users try to log on to the Self-Service Portal (SSP) or MyVIP portal with a temporary code manually generated by a VIP Administrator, but cannot enter the temporary code and receive the following error: "No email or phone number options are available to receive a temporary security code for sign-in. Contact your organization's administrator for assistance"

Cause

If the user does not have any registered credentials, the SSP/MyVIP portal treats the user as a 'New user for first-time access'. This policy is set in VIP Manager under the Policy tab > Components. The first-time access policy does not accept a temporary code that was manually generated and delivered by a VIP Administrator; it requires automated OTP delivery. Without a configured or supplied automated delivery method, the logon page does not prompt for code input.

Resolution

The following workaround allows users to enter manually generated temporary security codes. It works only for MyVIP and does not work for SSP.

Because MyVIP requires a SAML assertion from the local VIP Enterprise Gateway (EGW), some attribute must be sent to the MyVIP logon, but MyVIP must be prevented from using that SAML attribute for delivery.

  1. Edit the local VIP EGW User Store to pull an attribute for the user from Active Directory and pass it up with the SAML assertion.
  2. In VIP Manager, set the policy so that the SSP/MyVIP portal sends the temporary code only through another method that uses a different attribute.
    • Note: This attribute (such as 'otherPhone') must be unpopulated in the user's Active Directory object. Because that attribute is not supplied, sending the code will fail.
  3. The MyVIP portal now assumes the user was sent the temporary OTP code by the policy-approved method and prompts for input.
  4. The end user can then enter the temporary OTP code that was originally supplied by the VIP Administrator.
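
The workaround depends on two Active Directory conditions per user: the attribute passed in the SAML assertion (step 1) is populated, and the attribute named in the VIP Manager policy (step 2) is empty. The following pre-check is an added example, not part of the original article or Symantec tooling; the function name `Test-VipWorkaroundAttributes` and its parameters are hypothetical, and the attribute names you pass must be valid LDAP attribute names in your schema.

```powershell
# Added example: read-only pre-check for the MyVIP temporary-code workaround.
# Requires the ActiveDirectory module (RSAT). Nothing in AD is modified.
Import-Module ActiveDirectory

function Test-VipWorkaroundAttributes {
    param(
        # Accounts that will receive an administrator-generated temporary code
        [Parameter(Mandatory)] [string[]] $SamAccountName,
        # Attribute the EGW User Store passes in the SAML assertion (step 1)
        [Parameter(Mandatory)] [string]   $SamlAttribute,
        # Attribute the VIP Manager policy uses for delivery (step 2); must be empty
        [Parameter(Mandatory)] [string]   $DeliveryAttribute
    )

    foreach ($name in $SamAccountName) {
        $user = Get-ADUser -Identity $name -Properties $SamlAttribute, $DeliveryAttribute

        # Attributes may be single- or multi-valued; treat null, empty string
        # and empty collections all as "unpopulated".
        $samlValue     = @($user.$SamlAttribute)     | Where-Object { $_ }
        $deliveryValue = @($user.$DeliveryAttribute) | Where-Object { $_ }

        $samlPopulated = [bool]$samlValue
        $deliveryEmpty = -not [bool]$deliveryValue

        [pscustomobject]@{
            User                   = $user.SamAccountName
            SamlAttributePopulated = $samlPopulated
            DeliveryAttributeEmpty = $deliveryEmpty
            # Both conditions must hold for MyVIP to prompt for the manual code
            ReadyForWorkaround     = ($samlPopulated -and $deliveryEmpty)
        }
    }
}

# Constructed usage; replace the placeholders with your own values:
# Test-VipWorkaroundAttributes -SamAccountName '<user1>','<user2>' `
#     -SamlAttribute '<attribute sent in SAML>' `
#     -DeliveryAttribute '<attribute used by policy>' |
#     Where-Object { -not $_.ReadyForWorkaround }
```

A user reported with `DeliveryAttributeEmpty = False` has a value in the policy attribute, so the portal's delivery attempt would not fail as step 2 expects.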