Can Okta Enforce an MFA Policy on Guest Accounts that Are Invited via Teams/SharePoint
Aug 18, 2025
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Single Sign-On
Overview
This article discusses whether Okta can enforce a Multi-factor Authentication (MFA) policy on guest accounts that are invited using Teams/SharePoint.
Applies To
- Okta Sign-on, Global Session, and Authentication Policies
- Okta Multi-factor Authentication (MFA) Policies
- Office 365
- Entra ID (formerly Azure AD) guest users
Solution
This is not possible at the moment, as a user account must exist in Okta in order for MFA to be required for its sign-on, and Entra ID guest accounts are not imported into Okta.
