Details

      Description

      Summary
      As in acceptance criteria #3 on the story LPS-92653, we would like to see FIDO2 related entries about successful or unsuccessful logins at Security / Audit.

      Repro

      1. Create a new virtual instance eg.: able.com
      2. Login with Instance admin and enable MFAs: TOTP, Email-OTP, and FIDO2
      3. Go To the Account Setting page, and set up TOTP and FIDO2 for the user account
      4. Sing out
      5. Sign in with FIDO2 verifier
      6. Go to Security / Audit
      7. Find log entries about login using FIDO2 verifier

      Screen recording about the issue
      Check the video

      Actual Result
      Currently, no exact entry about FIDO2 typed MFA in the logs.
      Also, the login flow triggers various entries about a LOGIN, LOGOUT for Email-based OTP verifier while the user logged in successfully via FIDO2 verifiers.

      Expectation
      1. FIDO2 entries should be present as our user's login via FIDO2 verification.
      2. The number of Email-based OTP logs should not be created when the user not even use EOTP during his login flow.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              arthur.chen Arthur Chen
              Reporter:
              gabor.lovas Gábor Lovas
              Recent user:
              Enterprise Release HU
              Participants of an Issue:
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package