<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jSeSAJOkta Classic EngineIntegrationsAnswered2024-03-25T07:28:00.000Z2018-07-29T21:20:52.000Z2018-07-31T12:21:15.000Z

xy602 (xy602) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Application level MFA through API?
Hello,

 

I am lookting to authenticate to a service which has MFA enabled at the application level.

 

Tried solutions:

1. Authenticate to OKTA, then use a redirect to the embeded URL of the application. In this instance, the auth is succesfull straight away(200 response), without prompting for a MFA, however it's retrieving the policy details (the MFA policy details).  Any ideas how to use this for MFA validation?

 

2. Authenticate to OKTA, thren use the factor verify. In this instance, the state token is required for factor verifycation. However, once authenticated (200 response), no token is retieved, hence cannot use the POST for factor verify. ANy idea how can the stae token be retrieved to prompt the application level MFA?

 

Open to any suggestions to autehnticate using application level MFA.

 

Thank you
  • 1 answer
  • 882 views

  • chris.hancock1.4756186399413728E12 (Okta, Inc.)

    Hi Katie,

     

    Unfortunately I do not beleive we will be able to accurately address the questions you have raised without better understanding how you currently have everything configured. Essentially we will need to know the type of app you are currently using such as SAML 2.0, OIDC etc. and also review the current MFA enrollment, Okta Sign on and App Sign On policies to better undertsand the behaviour you are seeing. 

     

    Additionally as you are using the Okta API it will be beneficial to see the API calls you are making along with the request body. As this can clarify certain aspects for us as well.

     

    As such I would recommend raising a support ticket through the "Open a Case" button on our support site. https://support.okta.com/help and we will be able to provide better guidance.

     

    Thanks, 

    Chris
    Expand Post
This question is closed.
Loading
Application level MFA through API?