JustinO.52013 (Customer) asked a question.
TAC Configuration
Hey OKTA admins!
We've recently added TAC as one of our Authenticator incase of an emergency. My initial issue is it is not showing on the end user side.
Steps we've done are.
~ Enabled TAC
~ Created Group for TAC users
~ Created Enrollment
- Password Required > TAC & Okta verify Optional
~ Added new Rule (put it on *1)
- Rule is user must authenticate with any 1 factor type
Current App Sign-in Rule:
> Allow all user access to OKTA Dash ALLOWED (with password auth)
> Default sign-in Role DENIED
>Catch-all-rule ALLOWED (with password auth)
These were the settings that was put in place before my time. I'm trying to figure out if these are interfering with me enabling TAC.
Thanks so much!
Hi @JustinO.52013 (Customer) , Thank you for reaching out to the Okta Community!
Please review the TAC configuration guide here.
You will need to make sure that the TAC authenticator is enabled under enrollment policies (typically set as Optional when first added) and implement a dedicated authentication policy for its use.
You will also need to keep into account the authentication policy/rules priorities as they dictate which is evaluated first on login.
If you continue to experience issues with the implementation, please open a case to go over things with our colleagues from the Support team.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.
Just released: More Okta Community badges just added