A user receives repeated Multi-factor Authentication (MFA) prompts while accessing the same application throughout the day, despite setting the re-authentication frequency to a larger value.

• Okta Identity Engine (OIE)

A particular Authentication Policy may require the user to approve a prompt in Okta Verify or provide biometrics.

1. Log in to the Admin Console and navigate to the Reports > System logs.
2. Review the rule that is being assessed when the user logs in.
3. Navigate to Authentication Policies and find the rule that is being applied to the app.
4. Click Actions > Edit.

5. Check the Condition the User must authenticate with.
6. If an option other than Password is selected, a second configuration value will show: AND Possession factor constraints are.

Deselect the option: Require user interaction.

This would allow the user to authenticate into Okta, which falls under the Global Session Policy, while logging into the app with an active Okta session, which allows the user to sign in without being prompted for further verification.

7. Click Save.

Related References

• Configure an authentication policy for Okta FastPass

• Authentication Policy Option for "If Okta FastPass is used" Has Changed