The short answer is, yes, you can change your sign-on policies at the application level. It sounds like the current policy you have in place is set to prompt for factor only per session or per device. You can change this setting in the Admin console.
Because every organization has a unique environment and tenant setup, I would recommed submitting a ticket to Okta Support, in order for us to provide technical guidance based on your configuration.
In the meantime, here are some useful help documents to get you started:
Setting Up Security Policies (https://help.okta.com/en/prod/Content/Topics/Security/Security_Policies.htm?Highlight=Setting%20Up%20Security%20Policies)
App Level MFA (https://help.okta.com/en/prod/Content/Topics/Security/MFA_App_Level.htm)
We look forward to hearing from you!
Technical Support Engineer