Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing password in payload to enable SMS MFA #456

Closed
matthias2 opened this issue Oct 21, 2021 · 0 comments · Fixed by #462
Closed

Missing password in payload to enable SMS MFA #456

matthias2 opened this issue Oct 21, 2021 · 0 comments · Fixed by #462
Labels
bug This is a bug with the pyTenable library follow-up label for items that requires follow-up internally Tenable.io Tenable.io Package upstream-api The issue is related to the calling API or API Docs
Milestone
1.4

Comments

@matthias2
Copy link

matthias2 commented Oct 21, 2021
edited
Loading

Describe the bug
When sending a verification code in the users module an error is returned that the current password is invalid. This is the users module enable two factor.

To Reproduce
Steps to reproduce the behavior:

  1. Import the TenableIO class
  2. Send a request to the users/{user_id}/two-factor/send-verification endpoint
  3. See error
>>> from tenable.io import TenableIO
>>> tio = TenableIO(<access key>,<secret key>)
>>> payload = {'sms_phone': <phone number>}
>>> tio.post('users/164/two-factor/send-verification', json=payload)
POST https://cloud.tenable.com/users/164/two-factor/send-verification >> 89ad65e7824191efe08c671429a000b8:400 {"error":"Current password is invalid."}

Expected behavior
Should return 200 with empty response.

Screenshots
N/A

System Information (please complete the following information):

  • OS: MacOS
  • Architecture 64bit
  • Version 11.6
  • Memory 16G

Additional context
When adding the users password to the payload then the POST call succeeds.
eg. {'sms_phone': <phone number>,'password': <password>}
This isn't documented in the Tenable API documentation and doesn't look valid in pyTenable.
@SteveMcGrath SteveMcGrath added bug This is a bug with the pyTenable library upstream-api The issue is related to the calling API or API Docs Tenable.io Tenable.io Package follow-up label for items that requires follow-up internally labels Oct 26, 2021
@SteveMcGrath SteveMcGrath added this to the 1.4 milestone Nov 9, 2021
SteveMcGrath added a commit that referenced this issue Nov 10, 2021
@SteveMcGrath
Added password as a required attribute as per #456
2339f0f
@SteveMcGrath SteveMcGrath mentioned this issue Nov 10, 2021
Merged
9 tasks
SteveMcGrath added a commit that referenced this issue Nov 10, 2021
@SteveMcGrath
Merge pull request #462 from tenable/bigfix/user_2fa_fix
d408dd6 
Added password as a required attribute as per #456
harshshah-tenable pushed a commit to dhvanilshah-tenable/pyTenable that referenced this issue Nov 12, 2021
@SteveMcGrath @harshshah-tenable
Added password as a required attribute as per tenable#456
c0578dd
sahils-tenable pushed a commit to dhvanilshah-tenable/pyTenable that referenced this issue Nov 18, 2021
@SteveMcGrath @sahils-tenable
Added password as a required attribute as per tenable#456
2f875f3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This is a bug with the pyTenable library follow-up label for items that requires follow-up internally Tenable.io Tenable.io Package upstream-api The issue is related to the calling API or API Docs
Projects
None yet
Milestone
1.4
Development

Successfully merging a pull request may close this issue.

Added password as a required attribute as per #456 tenable/pyTenable
2 participants
@SteveMcGrath @matthias2