<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VYtSANOkta Classic EngineMulti-Factor AuthenticationAnswered2024-04-18T09:26:58.000Z2018-04-16T18:27:31.000Z2018-04-23T18:52:52.000Z

t0naj (t0naj) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:20 AM
Is it possible to prevent the Okta Verify Push from being sent from the same device where a VPN connection is originated?
Our VPN client can be installed on mobile devices, but that creates a concern because we use Okta Verify for MFA, which could technically be installed on the same device as the VPN client.  We feel that somewhat defeats the purpose of "multi-factor authentication".  So, we were curious if Okta could prevent the push approval coming from the same device that the connection request was originated from.  Is that possible?

  • 1 answer
  • 1.35K views

  • rares.prisacariu1.5181826269608315E12 (Vendor Management)

    Hi, David 

    Rares here from Okta Support, thank you for contacting us.

    To answer the question, Okta will always send the push to the device it was enrolled on. if your VPN configuration allows it, you can choose another method of multifactor authentication besides Okta Verify. This way, the device that has VPN configured on will not take part in the MFA process.
    Expand Post
This question is closed.
Loading
Is it possible to prevent the Okta Verify Push from being sent from the same device where a VPN connection is originated?