<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jgiSABOkta Classic EngineOkta Integration NetworkAnswered2024-04-24T19:24:45.000Z2016-07-19T20:23:17.000Z2020-04-03T12:13:11.000Z

tvoft (tvoft) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Does the OKTA SAML 2.0 implementation implement forceAuthn
We want to be able to request entering and validating of credentials at will as part of an electronic signature workflow in our application.

 

We want to pass ForceAuthn="true" as an attribute for the AuthnRequest. The goal is to notify the IdP to not use any previous security context when authenticating the user. 

 

With SAML 2.0 and orceAuthn="true" as an attribute for the AuthnRequest we can implement this.  We want to know if OKTA supports forceAuthn="true" as an attribute for the AuthnRequest.
  • 2 answers
  • 6.33K views

  • pwilcox1.3573498050412961E12 (Okta, Inc.)

    Hi Richard,

     

    If you build a custom SAML app in Okta, one of the configuration options is "Honor Force Authentication".  You can enable/disable this setting.  If you are using a pre-built application in the Okta Application Network the setting is static, however it can be changed for your tenant at your request.

     

    ~ Patrick
    Expand Post

  • RamK.95865 (Customer)

    Is this Honor Force Authentication feature available when configuring an app using OIDC

Loading
Does the OKTA SAML 2.0 implementation implement forceAuthn