Symptom
- Parent site is an outbound OIDC record for the "Example" app.
- A SAP CDC hosted page is used as the OIDC proxy page (Example 2), which uses the ExampleRegistrationLogin screenset.
- An RBA rule for TOTP is applied for Parent site only, excluding all child sites.
- The Web SDK is used by the Example app with the API key of the Parent site.
The issue occurs when a user logs in to the Example app (using credentials and MFA), logs out, and then logs back in: after entering their credentials, the user is immediately able to access the Example app, and only then is MFA prompted, in a pop-up window that can be closed. The user is then able to access the app without MFA.
- Why is the MFA being prompted late in the login flow?
- It is expected that endpoints should be called by Example2 site since that is the OIDC issuer.
Environment
- SAP Customer Data Cloud
- OIDC
Product
SAP Customer Data Cloud all versions
Keywords
Gigya, CDC, OIDC, proxy page, application, KBA, CEC-PRO-PNS, Privacy & Safety (Consent, RBA - Risk-Based Authentication), How To
About this page
This is a preview of a SAP Knowledge Base Article.