<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Remove "Verify" Prompt before Duo/ IdP as a Factor for MFA
Nov 20, 2025
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview

This article covers the following situations:

  • Admins requesting for the Verify prompt to be removed.
  • When using Duo as an Open ID Connect IDP or any IDP factor, logins to Okta will prompt users to complete verification with the Duo OIDC MFA factor after they enter their Okta credentials. 


 The authentication flow is the following:

  1. Okta prompts users who have not yet registered use of the Duo OIDC IDP factor to set up Multi-Factor Authentication (MFA) at the first login to Okta after Duo OIDC is enabled. They need to click the Setup button for Duo OIDC IDP factor.
  2. At the next step, they click the Enroll button to be redirected to Duo.
  3. Okta redirects to the Duo Universal Prompt, where a user new to Duo can complete first-time Duo enrollment or an existing Duo user can authenticate using an available method.
  4. After completing Duo enrollment or authentication, Duo redirects back to Okta to complete Okta's multifactor setup. They click Finish to complete logging into Okta.
  5. Future logins to Okta will prompt users to complete verification with the Duo OIDC MFA factor after entering Okta credentials. They need to click Verify to be redirected to Duo for two-factor authentication.
     
Applies To
  • Multi-Factor Authentication (MFA)
  • DUO Universal Prompt
  • IDP Factor for MFA
Cause

End users have an additional "Verify" window before Duo's MFA window. 

 

Verify

 

Solution

This can be achieved by toggling this feature on the account.

Admins can enable it themselves by visiting the Settings > Features page of their Admin Dashboard. The feature, aptly named "Skip the verify screen and redirect to the IdP authenticator" can be turned on/off as needed. 

 

Skip the verify screen and redirect to the IdP authenticator


With this change, users will proceed directly to Duo authentication after entering their Okta credentials. They will NOT have the option to select Verify with something else.

 

NOTE:

  • Ensure that administrators understand the Impact of enabling this feature in Okta.
  • Please ensure to share this with the end-users requesting this change on the new login flow. 

 

 

Related References

 

Recommended content

Still looking for help?
Loading
Remove "Verify" Prompt before Duo/ IdP as a Factor for MFA