Okta Sign On Error Message Customizations

With the increase of Adaptive MFA use case and all the different combination of posture presented to evaluate the signin into a ressource, organisations require to customize their messaging to their end users to provide context and reduce the login experience friction.

Keep in mind that for security reason we may not want to give to much details regarding the error as we do not want to compromise the secuirty access of our organisation by giving indication to attacker. We recommend to find the right balance for it.

In this Article I will take you through step by step how to achieve this.

First of all you will need to know which Error type message you would like to customize. Please find the full public list of Okta error code at this link:

https://developer.okta.com/docs/reference/error-codes/

Now you have identify your error code go to your okta Admin Console then look for the Customizations section then click Sign-in page code editor:

Here is the code function you need to add in order to customize the error message:

config.language=’en’;
config[‘i18n’] = {
// Overriding English properties
‘en’: {
‘errors.E0000006′:’Access Denied: One or more device security requirements is missing. Please contact internal support for any questions.’
}
}

In this case we are adressing the denied access message which translate to device posture error like if the device isn’t managed or if the device security signal isn’t met.

Credits:

Special Credit to Sathish Balasubramaniyan on this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: