izw7x (izw7x) asked a question.
persistent cookie
Hi Wanted to know about persistent cookie for remember me features and how can the same be implemented in Okta?
- chris.hancock1.4756186399413728E12 (Okta, Inc.)Hi Akshay, When you have sign on policies or per app sign on policies that challenge for MultiFactor Authentication on a per session or per device policy you will need to utilise the deviceToken context object for each authentication request. We document its use on our developer site here:https://developer.okta.com/docs/api/resources/authn.html#context-object "You must always pass the same deviceToken for a user’s device with every authentication request for per-device or per-session Sign-On Policy factor challenges. If the deviceToken is absent or does not match the previous deviceToken, the user will be challenged every-time instead of per-device or per-session." Additionally, You will also need to provide an option for users to choose whether they would like to remember their device, during the MFA verification. This option should then send this as a request parameter. i.e. /api/v1/authn/factors/:fid/verify?rememberDevice=true We also document this component on our developer site. https://developer.okta.com/docs/api/resources/authn.html#verify-factor "If the sign-on (or app sign-on) policy allows remembering the device, then the end user should be prompted to choose whether the current device should be remembered. This helps reduce the number of times the user is prompted for MFA on the current device. The user’s choice should be passed to Okta using the request parameter rememberDevice to the verify endpoint. The default value of rememberDevice parameter is false." Hope the above information is helpful, if you encounter issues implementing the above please feel free to log a support ticket and we will be able to provide more comprehensive guidance. Thank You,Chris HancockExpand Post
This question is closed.
