Not an intended action, proper x-flow-state header must be used

search cancel

Not an intended action, proper x-flow-state header must be used

book

Article ID: 409429

calendar_today

Updated On:

Products

Symantec Identity Security Platform - IDSP (formerly VIP Authentication Hub)

Issue/Introduction

After the /authenticate API call, calling the /factor/v1/PasswordAuthenticator API failed with the following error

{
"errorCode": "0000011",
"errorMessage": "Not an intended action, proper x-flow-state header must be used"
}

The /authenticate API call's response has the following in the payload
"nextaction": "FACTOR_SELECTION"

Environment

VIP Authentication Hub 3.3.x, 3.4.x

Cause

Incorrect /factor/v1/PasswordAuthenticator API call, as VIP Authentication Hub expects /auth/v1/SelectedFactor API call firstly

Resolution

Call /auth/v1/SelectedFactor API and then /factor/v1/PasswordAuthenticator API

Feedback

thumb_up Yes

thumb_down No