KathyT.73511 (Anthropic Identity) asked a question.
Can I force a Okta Verify Number Challenge every time my Admins log into the Admin console
I would like to add some additional security around our Admin console by requiring a number challenge every time an Admin accesses the Admin Console. We do not want to set up the number challenge for every event (although it is set up for High Risk events) and I don't want to set up any behaviors because I want it to trigger every time they log into the Admin console. Is there any way to do that?
Hello @KathyT.73511 (Anthropic Identity) Thank you for posting on our Community page!
You can enforce this though the Okta Admin Dashboard app policy you have on your organisation, please see our article below on how to achieve this:
https://help.okta.com/oie/en-us/content/topics/security/mfa/mfa-enable-admins.htm
https://help.okta.com/oie/en-us/content/topics/identity-engine/policies/add-app-sign-on-policy-rule.htm
Thank you for reaching out to our Community and have a great day!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Maybe I'm missing something, but those documents don't show anything about the number challenge in Okta Verify. Can you be more clear about how to enable it for only my Admin Console?
I don't believe you can enable the number challenge by app. its only on a global level. There is an option for "high-risk" signons. Maybe okta sees admin logins as high risk? that im not sure of but you can test it
https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/configure-okta-verify-options.htm?cshid=csh-okta-verify-number-challenge