From 86912915fd2a26b6c5a3aa74e0661b3b67acdc09 Mon Sep 17 00:00:00 2001
From: "tcdlpds@gmail.com" <tcdlpds@gmail.com>
Date: Wed, 12 Aug 2020 20:17:17 +0530
Subject: [PATCH] Fix user verifying functionality in OTP

---
 .../mgt/core/otp/mgt/service/OTPManagementServiceImpl.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java
index ee649baf1d..1ec1bb3dce 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/otp/mgt/service/OTPManagementServiceImpl.java
@@ -213,8 +213,8 @@ public class OTPManagementServiceImpl implements OTPManagementService {
 
         String[] superTenantDetails = otpWrapper.getUsername().split("@");
 
-        if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[1]) || !superTenantDetails[0]
-                .equals(kmConfig.getAdminUsername())) {
+        if (!MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(superTenantDetails[superTenantDetails.length - 1])
+                || !superTenantDetails[0].equals(kmConfig.getAdminUsername())) {
             String msg = "You don't have required permission to create OTP";
             log.error(msg);
             throw new UnAuthorizedException(msg);