f1e4j (f1e4j) asked a question.
App-level MFA for hosted Okta widget
Hi
We have an application configured in okta and when I added the policy rule on app-level that requires MFA actions I got the following error when trying to login instead of promoting me to MFA page: The current sign-on policy requires this client to redirect for re-authentication or MFA. Please contact your administrator.
Also, the error in the console is error.errorCode: login_required, error.description: The client specified not to prompt, but the client app requires re-authentication or MFA.
What else should I configure to make it work?
Thanks
Hello @f1e4j (f1e4j)
I hope you are having a great day
Thank you for posting, When accessing the authorization endpoint and having the app level MFA prompt, there is a stateToken generated which is used to prompt for MFA. If you are using a custom domain, you can update the login page for the custom domain URL and capture the stateToken as follows: var config = Okt.
You can learn more about this topic in the following link: https://devforum.okta.com/t/the-client-specified-not-to-prompt-but-the-client-app-requires-re-authentication-or-mfa/11165/2
If you need further assistance you can also feel free to post this question on our Okta Developer Forums: https://devforum.okta.com, this is a place for the Okta developer community to interact.
Have a great day ahead
Regards
Henry E.
Okta Inc