But how do I utilize this feature, so that the MFA question is not required when logging in from the same device?
I do not see anything on the object to post back when I verify the question answer?
I see now that I must pass the devicetoken during the authentication process like below…
{
“username”: “someuser”,
“password”: “********”,
“Context”: {
“deviceToken”: “LcXgMJAvofqXc+njrIIzf6Kc4TIs6wmo”
}
}
and then add /verify?rememberDevice=true to the MFA authentication URL, but I still am getting MFA_REQUIRED when logging back in again passing the same devicetoken.
I also have the Per Device selected in my Sign On policy Rule.
Next time you login with same device token should get session token and not "MFA_REQURED . If you implementing this with own application you need to create cookie with device id. Ithas to be secured cookies.
Okta drops device cookie “DT” in browser . If you clear your cache then you will be ask again. You need to implement this flow in login process to validate DT and every time user login