See example of implementation here: Nike-Inc/gimme-aws-creds#237
We could have analogical approach. User would set up with an additional enroll command, and then would be able to use biometrics for authentication.
The only issue I see is that we are using an API, and enrolling requires another authentication with actual Okta Web API. I couldn't find the way to enroll additional 2 factor in Okta API for a particular user, only for admin
See example of implementation here: Nike-Inc/gimme-aws-creds#237
We could have analogical approach. User would set up with an additional
enrollcommand, and then would be able to use biometrics for authentication.The only issue I see is that we are using an API, and enrolling requires another authentication with actual Okta Web API. I couldn't find the way to enroll additional 2 factor in Okta API for a particular user, only for admin