Authentication Policy Constraint for specific IdP factor

Hi there - we were suggested to post here based on this question: Okta Help Center (Lightning)

I’m aware of the Authentication Method Object and the Authenticator key, type, method, and characteristic relationships table as well from: Policy | Okta Developer

I’m wondering if it’s possible with policy constraints to restrict which IdP factor is used to authenticate to an app?

For example if we have this:

      "possession": {
        "required": true,
        "methods": [

It will allow any IdP factor which the user has enrolled. As mentioned in the Okta support question this poses a challenge if we have a staging and prod IdP and IdP factor in the same Okta environment.

Hi there,

Currently it is not possible to restrict which IdP factor is used to authenticate to specific apps.

We suggest you submit a feature request to Okta Ideas, more information about how to use Okta Ideas found here: Okta Help Center (Lightning).

Once ideas are submitted, other Okta admins will have the ability to vote on them to help our Product team prioritize requests. Additionally, you will be able to monitor the potential for future enhancements there.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.