Okta Verify if using an application, but not logged into the portal
Here is a "interesting" use case that has come up.
A potential customer has the use case as follows: They have a door entry system where each user must present their smartcard. Upon presentation of the smartcard, they want to be able to then receive an MFA code to their phone, i.e. Okta Verify code, which they then enter on the keypad. Is this possible through the API, if the user is not logged into the portal???
I know this could be achieved with RSA SecurID using on-demand tokencodes and most likely PingIdentity. But what about Okta??
Alex here with Okta's Customer Support Team, thank you for reaching out to us.
Our Okta Factors API (https://developer.okta.com/docs/api/resources/factors) collection does have a way to send and veryfy factors. You can check it and see if it can be applied for the customer`s desired setup, however, this type of custom implementation should be possible because it does not need a valid session, but the user ID and factor ID for that user in Okta, but the best approach would be to have the issue raised on a Customer Support ticket where we can gather more details on the desired setup and current setup that the customer has in place to check if it would be a valid intergration.
Alexandru Preda Technical Support Engineer Okta Global Customer Care