I know this post is old but this question seems to be in line with a question I have now. We are evaluating 3rd party certificate providers to manage device and machine certificates. Your AD credential will be the first factor and the certificate the second. Can Okta honor certificates as a second factor or means of authentication?
Yeah I want to piggy back this and say that I too would like to enable certificate login into Okta with client side certificates (issued from local CA). Possible? It is how we do login already for VPN and other technologies. Just trying to move closer to eliminating passwords all together.