I have developed a custom credential provider for MFA and it is working fine. I am performing my additional authentication checks in GetSerialization() method by calling REST APIs. Now, in case of successful validation through REST API, I am allowing the user to login. But for the case of validation failure, I want to show error screen, like the one default provider shows in case of incorrect username or password (having a button for 'Ok'). I have understood that this is done in ReportResult() by default credential provider in case of logon failure. Can I call ReportResult() to display my custom error message with an 'Ok' button? Regards,
EDIT: I am doing it like this:
if (SUCCEEDED(HRESULT_FROM_NT(ntsStatus)) && SUCCEEDED(HRESULT_FROM_NT(ntsSubstatus)))
{
SHStrDupW(L"Bad password", ppwszOptionalStatusText);
*pcpsiOptionalStatusIcon = CPSI_ERROR;
}
But the screen isn't stopping. It logs in the user. I need to detect the scenario when the windows credentials are correct but the API call fails, so I need to catch that status and display error
Have to try
*pcpgsr = CPGSR_NO_CREDENTIAL_NOT_FINISHED;
In my use case wih additional
*pcpsiOptionalStatusIcon = CPSI_WARNING;
it is enough to display status message.