TrevorS.65706 (Customer) asked a question.
Hello All,
I am working in a fairly new Okta environment. Most of the organization is under normal mfa restrictions to do account recovery and logins. We have a few outlying groups that will be accessing very limited web apps with personal devices. These people have no idea what their IP address will be (or how to find it) and are essentially volunteers. Since their accounts are low security I was trying to find a method of authentication that would allow them to reset their passwords without requiring them to have a company app on their phones.
So far the best idea we have come up with is to manually add each of these users to an exception list from our normal password policy and catch them in a policy with less restrictions. This worked when we had a total of 7 users needing this treatment but another group of 49 volunteers is being added. I cannot find a way to create exceptions by active directory or Okta group. I am hoping there is a better way to accomplish this task. If you have any recommendations I appreciate the suggestions.
I understand the issue now, at this time you can only add users individual. However you can create a new Password policy to be applied to that particular group and you would make it the first priority so that it applies to the specified group only.
--
Subscribe Today: The Okta Community is on YouTube