Prompt For Factor on okta sign in vs application based MF policies Skip to main content
https://support.okta.com/help/answers?id=906f0000000dfjpia4&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Keith ReedyKeith Reedy 

Prompt For Factor on okta sign in vs application based MF policies

I'm fairly new to Okta, so please pardon my ignorance.  I've a question surrounding MFA and I'm a bit confused.

When configuring an Okta Sign-on policy I see a check box labeled 'Prompt For Factor'.  

When configuring an application I see that I can set up an MFA policy for that particular app.

Here is my background info:  we have some apps on network and some apps on cloud.  I want any access to cloud based apps to have MFA as long as the user is not on my network.  Meaning, if I'm at my desk on the lan...I'll never get MFA prompt.  When working remote, I will get it for cloud apps.  Remote access to lan based apps is only available through VPN, so no need for MFA.

Question....why would I ever check the box labeled 'Prompt For Factor' when configuring an Okta Sign-on policy?

THANKS!
 
Kevin TurnerKevin Turner (Okta, Inc.)
'Prompt For Factor' when configuring an Okta Sign-on policy is for the initial sign-on to the Okta portal page rather than per application.

This you might want to do if you have Okta administrators, and you want them to use MFA when logging into Okta from the lan or off premise connection.