Forum Discussion
Stanislas_Piro2
Oct 08, 2018Cumulonimbus
Why do you want to execute auth in subroutine and get it in per session policy???
As I already answered in previous thread, check password the more close to the logon page you can!!!
The problem with your request is with password expiration...
If you want an OTP auth, the password may be not valid when you hit the subroutine condition!!!
I recommend to authenticate in per session policy, but with only fallback branch —> the user can have entered a wrong password,
then check if the authentication result variable is 1 in subroutine, then prompt for another password if first auth failed.