I have a TOTP journey configured (and working) for users to register, get recovery codes, etc., and everything works with ForgeRock Authenticator, open otp, and a browser extension authenticator. But 2 things are happening / having issues.
- Microsoft Authenticator (scanning the QR code / adding the account) cannot verify the token that is displayed in the app. Though I do see the device registered for the user, so I know it is being registered; I just can't verify the code.
- Google authenticator will not allow me to scan the QR code / add to Google.
Has anyone seen the above issues / challenges?
Knowledge - ForgeRock BackStage shows how to make the OOTB work with Google
I tried this and it does not work.
Once I had done the step "Enter a new value in the Minimum Secret Key Length field that avoids padding; choosing a value of 40 should typically work." I was successful, and that is why this KB was written.
Thanks for the information. I can now at least scan / register in the Google Authenticator app, but post the recovery code screen on verification it is still failing to validate the token. This is for both Google and Microsoft Authenticator at this point. Anything else you had to do to get this working?
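
An added example (not from the KB or from any poster in this thread) showing why a key length of 40 avoids base32 padding in the QR code secret, with a reference RFC 6238 calculation for comparing against the code an app displays. Assumptions: the Minimum Secret Key Length field counts hexadecimal characters, and the journey uses HMAC-SHA1, 6 digits and a 30-second period; all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import struct


def base32_secret(hex_secret: str) -> str:
    """Base32 form of a hex shared secret, as carried in an otpauth:// QR code."""
    return base64.b32encode(bytes.fromhex(hex_secret)).decode("ascii")


def padding_chars(hex_len: int) -> int:
    """Count of '=' characters base32 appends for a secret of hex_len hex chars."""
    return base32_secret("00" * (hex_len // 2)).count("=")


def unpadded_lengths(lo: int, hi: int) -> list:
    """Even hex lengths in [lo, hi] whose base32 encoding needs no padding."""
    return [n for n in range(lo, hi + 1, 2) if padding_chars(n) == 0]


def totp(hex_secret: str, unix_time: int, digits: int = 6, period: int = 30) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (assumed algorithm, digits and period)."""
    counter = struct.pack(">Q", unix_time // period)
    mac = hmac.new(bytes.fromhex(hex_secret), counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation per RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


# Constructed sample: the RFC 6238 test secret (20 bytes = 40 hex characters).
SAMPLE_HEX = b"12345678901234567890".hex()

if __name__ == "__main__":
    for n in (32, 40):
        print(n, "hex chars ->", padding_chars(n), "padding characters")
    print("unpadded lengths 32..60:", unpadded_lengths(32, 60))
    print("base32:", base32_secret(SAMPLE_HEX))
    print("code at t=59:", totp(SAMPLE_HEX, 59))
```

Base32 encodes 5 bytes into 8 characters, so only secrets whose byte length is a multiple of 5 (10 hex characters) encode without trailing `=`.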