Is there a way to enforce only one specific MFA for an application Sign-On policy?
Is there a way to enforce only one specific MFA for an application Sign-On policy? The scenario as follows: 1. The user signs in into Okta with Okta-Verify. 2. When user needs access to a access a secure app, then chalendge for 2nd FA with Yubikey only. As of now, looks like the user would have an option for all enabled MFA's in Okta.
There are ways of acheiving this however this does depend on the features enabled for your Okta organisation as such this will be better and answered through a support ticket as we can provide more information and guidane on acheiving your goal.