AndrewB.52439 (Vivun Inc) asked a question.
App-specific signon policy requiring MFA check
Hello,
We have our Okta's auth setting to require MFA at every session.
If I then set an app-specific policy to require MFA at every session... is it actually useless? Because Okta's already doing that? Or is this specific to the app's session?
I've tested this and think this setting would be useless; it did not prompt me for MFA on top of the initial Okta sign-in MFA. But I just want to be sure.
It would be really nice to have more options for app-specifics; at every sign-in is really obnoxious for our developers using scripts. And then we have no other options because the next one is "per session" which we're already doing.
Hello Andrew,
I hope you are doing fine.
With Okta you can select different options for the Multifactor Authentication.
With a Sing On policy, you can add MFA to the ORG for all your users or specific groups.
Also, you can use the App Sing On policies to add MFA to specifics apps
Please check the following link for more information: https://help.okta.com/en/prod/Content/Topics/Security/policies/about-app-signon-policies.htm
Regards,
Natalia
Okta Inc.