MartinF.15473 (Customer) asked a question.
I have activated the security question for recovery only, and under the enrollment default policy I set the security question to be required. Nonetheless, when a user activates their account, the security question shows as optional.
I activated the security question as indicated here: https://help.okta.com/oie/en-us/Content/Topics/identity-engine/authenticators/configure-security-question.htm, but it doesn't work.
On the password's default policy rule, I set the recovery authenticator to have the additional verification as "only security question", but it still shows as optional. I found this suggestion here: https://support.okta.com/help/s/article/How-to-Force-Security-Question-Enrollment-the-First-Time-a-User-Signs-In?language=en_US
How can I make the security question to be required on user activation?
As a note, our Okta org is using OIE.
Hello @MartinF.15473 (Customer) Thank you for reacting out to our Community!
Wile this has been configured to the Default policy, your user might not hit the default policy and it would be a different policy that he would apply to, hence the missing Security question or marked as Optional.
We would recommend to review the logs for the user activation and see what policy he has been hitting and adjust the additional policy's.
Community members help others by clicking Like or Select as Best on responses. Try it today.