Hi,
vault version 1.11.10
following the documentation: Active Directory Auth Method with TOTP Login MFA | Vault | HashiCorp Developer
after setup all. I can do login with MFA using WEB,
but i CAN’T do login using CLI
this step:
vault login -method=ldap username=myUser password='myPassword'
Never show up this message
Enter the passphrase for methodID "01194a79-e2d9-c038-029d-79b0091cafd0" of type "totp":
the error message is:
`vault login -method=ldap username=myUser password='myPassword'`
Password (will be hidden):
WARNING! The VAULT_TOKEN environment variable is set! This takes precedence
over the value set by this command. To use the value set by this command,
unset the VAULT_TOKEN environment variable or set it to the token displayed
below.
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.
WARNING! The following warnings were returned from Vault:
* A login request was issued that is subject to MFA validation. Please
make sure to validate the login by sending another request to mfa/validate
endpoint.
I verify in forum last year must be SHA1 because SHA256 and SHA512 didn’t work
but I’m using SHA1 and got the same issue.
this is my config
Issuer: Vault
Period: 30
Key size: 30
QR size: 200
Algorithm: SHA1
Digits: 6
Skew: 1
Max validation attempts: 5
wha’t i’m missing ??
