The Number Challenge in Okta Verify is a security feature that provides an extra layer of protection during the authentication process. This feature involves presenting the user with a randomly generated number that they must enter into the app to prove that they own the device.

• Okta Verify
• Multi-Factor Authentication (MFA)

1. When accessing a protected resource, an Android or iOS user enrolled in Okta Verify with Push clicks the Get a push notification (for Okta Classic) option in the sign-in instructions.

2. A number appears in the sign-in instructions.

3. A notification with a Review option appears on the mobile device in Okta Verify. The user validates the sign-in attempt by tapping Review and then tapping the number on the device that matches the number shown in the Sign-in instructions. Verification succeeds only if the numbers match. This ensures that the sign-in attempt was initiated by the user and not an unauthorized person. Details about where the sign-in attempt originated are provided below in the Related References section. Optionally, the user can tap Cancel the sign-in attempt to deny the sign-in attempt.

To enable this feature, open a ticket with Okta Support and reference this article in the Support case. This functionality is only available for customers with the Adaptive MFA license.

Related References

• Configure Okta Verify options - Okta Identity Engine
• Configure Okta Verify - Okta Classic Engine
• What Triggers Number Challenge in Okta Verify
• Upgrading from Classic to OIE - Okta Verify Number Challenge User Experience