<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7V7nSAFOkta Classic EngineAdministrationAnswered2024-04-16T11:50:45.000Z2017-12-28T18:46:55.000Z2017-12-28T18:46:55.000Z

izeip (izeip) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Restrict website to Okta SWA
Hi,

 

I would like a certain website to be accessible only via Okta, so MFA can be enforced. The application is set up to use SWA and it works correctly, the problem is that someone could also browse to the website directly and bypass Okta/MFA. If I restrict the firewall to just Okta's IPs, this doesn't work as the client is redirect directly to the website after authentication.

 

Is there a way around this (while still using SWA)?

 

Thanks for any help.
  • 1 answer
  • 1.08K views

  • Jim Knutson - Okta (Okta, Inc.)

    Gregor, 

    Good Question. This is where SAML comes in. SAML is smart enough to know that there is an Identity Provider involved, and will defer to the IDP for a valid Okta Session, Once you control the app with SAML, you can then enforce any number of policies including MFA.

    Hope that helps! 

    Expand Post
This question is closed.
Loading
Restrict website to Okta SWA