p.modica1.5112259085269954E12 (Customer) asked a question.
How to configure step-up authentication?
We are trying to configure our Workday SAML integration with OKTA with step-up authentication. I see this is listed as a feature of OKTA MFA (https://www.okta.com/blog/2015/09/meet-okta-adaptive-mfa/) but unable to see how to configure it.
Workday (SP) sends a different (configurable free text) authnContextClassRef than the standard 'PasswordProtectedTransport' when requesting step-up auth. Although I do not see where in the App Sign-On Rule to specify when context 'xyz' prompt for factor. Only options listed for Sign-On are IP ranges and group membership.
Thanks
Hello Peter
I have had a look through our documentation and currently Okta's contextual access is mainly focused on device trust and the only reference I have found for application is listed on the following link : https://developer.okta.com/docs/api/resources/authn#sp-initiated-step-up-authentication%E2%80%8B
The flow you are looking for is currently not supported in Okta, however please also find the link to our Roadmap https://support.okta.com/help/s/productroadmap?tabset-e7458=3