Is there a way to enforce only one specific MFA for an application Sign-On policy? Skip to main content
https://support.okta.com/help/answers?id=9062a000000xzm1qag&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Av ShchAv Shch 

Is there a way to enforce only one specific MFA for an application Sign-On policy?

Is there a way to enforce only one specific MFA for an application Sign-On policy?
The scenario as follows:
1. The user signs in into Okta with Okta-Verify.
2. When user needs access to a access a secure app, then chalendge for 2nd FA with Yubikey only.
As of now, looks like the user would have an option for all enabled MFA's in Okta.
 
Chris HancockChris Hancock (Okta, Inc.)
Hi Alex,

There are ways of acheiving this however this does depend on the features enabled for your Okta organisation as such this will be better and answered through a support ticket as we can provide more information and guidane on acheiving your goal. 

Thank you,
Av ShchAv Shch
Based on the case# 00277466 this is not supported. Could you please elaborate on the options to achive the requirment?