ForgeRock Identity Platform
ForgeRock Identity Cloud

ForgeRock Authenticator App 3.0 - Known issues and limitations

Last updated Mar 15, 2022

The purpose of this article is to provide information about known issues and limitations for the ForgeRock Authenticator App 3.0.


This article provides information on the following known issues and limitations:

iOS - Push accounts stop working after uninstalling and reinstalling the app

Steps to reproduce

  1. Install the authenticator app on an iOS device.
  2. Register a push authentication notification account, and confirm it works as expected.
  3. Uninstall the app from the device.
  4. Install the app again.
  5. Trigger a new push authentication notification request.

Expected result

The device receives the new push notification.

Actual result

The device does not receive the new push notification.


  1. On your device, remove the push authentication account from the ForgeRock Authenticator app.
  2. Afterwards, register the account with the app again.

To enable push notifications on your iOS device:

  1. On the home screen, click Settings.
  2. On the Settings menu, click Notifications.
  3. Look for the ForgeRock Authenticator app.
  4. Click Allow Notifications.
  5. Choose options for how to receive push notifications.

To show the contents of notifications on the Lock Screen without unlocking your device:

  1. Go to SettingsNotificationsShow Previews.
  2. Select Always.

Android - Some special characters from registration QR Codes or URLs are decoded incorrectly

Steps to reproduce: 

Some special characters in the registration URLs (or QR Codes) are not decoded properly by the Authenticator app during the registration of Push and OATH accounts. This can lead to the app displaying incomplete issuer or account names. For example, if the issuer in the registration URL is "AT&T", the Authenticator app may display  "AT".

Expected result: 

The OATH account is successfully registered and the value for the Issuer is correct.

Actual result: 

The app successfully registers the account. However, the value for the issuer is not correct. For example,  "AT" instead of “AT&T”.


  • SVG is not a valid image format for the account logo. The app only supports JPG and PNG formats.
  • OTP codes should contain six or eight digits.
  • The period limit for TOTP accounts is 99 seconds.
  • Push Notifications expiration counting starts when the Authenticator app receives the notification.
  • The Authenticator app supports up to two MFA methods for the same account (issuer + account name). The methods cannot be of the same type.
  • Registering an OATH account via links does not work in iOS version 15.
  • Android devices without Google Play services do not support the Authenticator app.
  • In rare cases, on some iOS 12.x devices, the Authenticator app may not receive push notifications when the app is not running. 

Workaround: Start the authenticator app and resend a push notification authentication request.

Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.