NicD.35192 (Customer) asked a question.
OIE: Can't remember MFA/device when ADSSO is enabled
OIE has changed how the remember this device functionality works. You used to be able to check a checkbox on the MFA prompt screen for that MFA to be remembered for a period of time. That functionality has been moved to a single keep me signed in checkbox on the main login page. When Agentless Desktop Single Sign On is enabled, users do not see that login screen and therefore are unable to check the stay signed in checkbox. This has users completing MFA on every sign in, which is not what we want.
Has anyone worked out a work around for this?
Hi @NicD.35192 (Customer)
, Thank you for reaching out to the Okta Community!
I see that you've also posted this as a Feature Enhancement request.
I'll post it here as well to increase it's visibility.
https://ideas.okta.com/app/#/case/162021
In the meantime, the only workaround I can think of is to have the user initially access the login page by using the bypass URL ( <yourorgnamehere>.okta.com/login/default ) to set the checkbox, then if the cookie is set I would imagine the subsequent authentications would work. Can't confirm this as my environment is not set up for this flow, but you can give it a shot.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.