With the increase of Adaptive MFA use case and all the different combination of posture presented to evaluate the signin into a ressource, organisations require to customize their messaging to their end users to provide context and reduce the login experience friction.
Keep in mind that for security reason we may not want to give to much details regarding the error as we do not want to compromise the secuirty access of our organisation by giving indication to attacker. We recommend to find the right balance for it.
In this Article I will take you through step by step how to achieve this.
First of all you will need to know which Error type message you would like to customize. Please find the full public list of Okta error code at this link:
https://developer.okta.com/docs/reference/error-codes/
Now you have identify your error code go to your okta Admin Console then look for the Customizations section then click Sign-in page code editor:
Here is the code function you need to add in order to customize the error message:
config.language=’en’;
config[‘i18n’] = {
// Overriding English properties
‘en’: {
‘errors.E0000006′:’Access Denied: One or more device security requirements is missing. Please contact internal support for any questions.’
}
}
In this case we are adressing the denied access message which translate to device posture error like if the device isn’t managed or if the device security signal isn’t met.
Credits:
Special Credit to Sathish Balasubramaniyan on this.
Dany Leclerc's Blog 
Leave a Reply