Hello everyone.
I'm working on integrating YubiKey into our new platform and I'd like to know if it is by design that the response from YubiCloud does not contain
nonce (and
otp) when status is
BAD_OTP.
Code:
"h=rXCkSVYHYUYk+Ju5MvaVSKRhhgY=\r\nt=2014-01-02T08:20:07Z0339\r\nstatus=BAD_OTP\r\n\r\n"
Code:
"h=ltwiOKRC5X62g8HBDw9+CdxE/0Q=\r\nt=2014-01-02T08:20:05Z0697\r\notp=ccccccbtcvvhgnvvbivkdfkrddgnikfkdhjlhgeinhlb\r\nnonce=58a74a555932b9bca389ff3fd5ac6c2d\r\nstatus=REPLAYED_OTP\r\n\r\n"
Looking at the documentation (
https://github.com/Yubico/yubikey-val/wiki/ValidationProtocolV20#response) nowhere this is mentioned.
If it is unintentional, do you plan to include none (and otp) in BAD_OPT responses anytime soon?
Thanks
Sigfrid
Login
FAQ
Search
