<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Time-Based Authentication Policy Challenge
Nov 4, 2025
Multi-Factor Authentication
Okta Identity Engine
Overview

This article addresses the Multi-Factor Authentication (MFA) challenge behavior for authentication rules where the "Re-authentication frequency" is set to a specific time interval. 

Applies To
  • Authentication Policy
  • Multi-Factor Authentication (MFA)
  • Okta Identity Engine (OIE)
Solution

The Multi-Factor Authentication challenge for time-based re-authentication is shared across all challenges with the same Okta Session. This means every authentication challenge will reset the timer for all the time-based authentication rules.

As an example, if application A has the authentication rule set to re-authenticate frequency set at every login and application B has the re-authenticate frequency set at every 2 hours, every time the user accesses application A and performs the challenge that resets the 2 hours re-authenticate frequency for application B if the user is using the same Okta session.

Recommended content

Still looking for help?
Loading
Time-Based Authentication Policy Challenge