<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
AWS Workspaces: MFA Does Not Work
Okta Classic Engine
Multi-Factor Authentication
Overview

This article addresses the situation in which Multi-Factor Authentication (MFA) does not work when signing into AWS Workspaces with RADIUS agents.

Applies To
  • AWS Workspaces
  • RADIUS
  • Okta Classic Engine
Solution
  1. Make sure that the specific port setup for the RADIUS agent has been entered into the firewall.
    • Specific port for both UDP and TCP using the designated port number (commonly 1812).
  2. If an MFA sign-on policy within the application settings on Okta is set, it will not work. Set a specific group for the AWS Workspace application assignment and apply this group to an MFA security rule (check below for details):

    1. Navigate to Directory > Groups and click Add Group. Add a name and a description specifically for those who will be assigned the AWS WS application.

    2. Navigate to Security > Multifactor.

    3. Click Add multifactor policy and populate the relevant fields (name and description). In the group field, type and find the newly created group, and set Okta verify as required.

Related References

Loading
AWS Workspaces: MFA Does Not Work