
yrgwq (yrgwq) asked a question.
I have a Multifactor policy that requires Okta Verify to be enabled. When a user with that policy signs in to Okta from a new browser session (I use Chrome's secret window), the user was not required to enter the TOTP MFA code and could sign in with just the username/password pair. I also want Okta to require the TOTP MFA code when they request session tokens through Okta's Authentication API. How can I force users to enter the MFA code?

I solved this myself.
In the admin console, go to Security > Authentication > Sign On. Edit the current policy or create a new one. Add a rule with the Prompt for Factor checkbox on and the Every Time radio button selected. Then assign the Sign-on policy you created to the users who you want to be asked for the MFA code when signing in.
Edit/new policy with prompt mode every time helps.
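
One way to confirm the rule also applies to the Authentication API path mentioned in the question, as an added example that is not part of the original thread: classify the JSON body returned by primary authentication (`POST /api/v1/authn`) and flag any response that hands out a `sessionToken` without an MFA challenge. The two sample bodies are constructed, and the verdict labels are hypothetical names chosen for this example.

```python
import json

# Okta Verify TOTP as it is listed in the factors array of an authn response.
OKTA_VERIFY_TOTP = ("token:software:totp", "OKTA")


def classify_authn_response(body: str) -> dict:
    """Classify the response to primary authentication (username/password)."""
    resp = json.loads(body)
    status = resp.get("status")
    factors = [
        (f.get("factorType"), f.get("provider"))
        for f in resp.get("_embedded", {}).get("factors", [])
    ]
    if status == "SUCCESS" and "sessionToken" in resp:
        # Password alone produced a session token: no factor was prompted.
        verdict = "NO_MFA_PROMPT"
    elif status == "MFA_REQUIRED":
        # A stateToken is issued instead; a factor must be verified first.
        verdict = ("MFA_ENFORCED" if OKTA_VERIFY_TOTP in factors
                   else "MFA_ENFORCED_OTHER_FACTOR")
    elif status == "MFA_ENROLL":
        # MFA is demanded but the user has no enrolled factor yet.
        verdict = "MFA_ENROLLMENT_PENDING"
    else:
        # LOCKED_OUT, PASSWORD_EXPIRED, etc. say nothing about the MFA rule.
        verdict = "INCONCLUSIVE"
    return {"status": status, "verdict": verdict, "factors": factors}


# Constructed sample: behaviour described in the question (no prompt).
SAMPLE_NO_PROMPT = json.dumps({
    "status": "SUCCESS",
    "sessionToken": "EXAMPLE-SESSION-TOKEN",
})

# Constructed sample: behaviour expected once the "Every Time" rule applies.
SAMPLE_PROMPTED = json.dumps({
    "status": "MFA_REQUIRED",
    "stateToken": "EXAMPLE-STATE-TOKEN",
    "_embedded": {"factors": [
        {"id": "EXAMPLE-FACTOR-ID", "factorType": "token:software:totp",
         "provider": "OKTA"},
    ]},
})

if __name__ == "__main__":
    for name, body in [("no prompt", SAMPLE_NO_PROMPT),
                       ("prompted", SAMPLE_PROMPTED)]:
        print(name, "->", classify_authn_response(body)["verdict"])
```

Run it against responses captured for a test account assigned to the policy; any `NO_MFA_PROMPT` verdict means the password alone still yields a session token.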