BUG: HelpDesk OTP case-sensitive

phodgdon · May 6, 2024, 1:43pm

What problem are you observing?

When a user goes through to reset their password via OTP from the Help Desk the uid(username) is case-sensitive and has to match what the user put in IDN, otherwise the token won’t validate.

What is the correct behavior?

Username validation for OTP via webservices shouldn’t be case sensitive. I filed a support ticket with SailPoint and was told this is expected behavior. This doesn’t seem like the appropriate behavior.

What product feature is this related to?

IDN and calling POST: /beta/generate-password-reset-token/digit

What are the steps to reproduce the issue?

Generate an OTP for a user using: POST: /beta/generate-password-reset-token/digit and specify the userId in all uppercase. In IDN go through the password reset flow and put in the username as lowercase.

Do you have any other information about your environment that may help?

N/A

Saket95606 · May 6, 2024, 2:33pm

Thanks for sharing

phodgdon · May 25, 2024, 1:30am

Support said this is expected behavior.

Topic		Replies	Views
Attribute Sync: undesirable case sensitivity check ISC Discussion and Questions	6	766	July 19, 2023
Account ID Case Sensitivity ISC Discussion and Questions webservice-connector , apis , aggregation , identity-security-cloud	9	340	July 15, 2024
Password issue for New onboarded users ISC Discussion and Questions identity-security-cloud , provisioning	4	53	October 27, 2024
Regex in Search not respecting case ISC Discussion and Questions identity-security-cloud , search	6	712	August 14, 2023
Provisioning and Identity Sync Errors IIQ Discussion and Questions webservice-connector , identityiq , provisioning	2	168	October 18, 2024