henil
September 21, 2021, 11:11pm
1
We have a use case where we need to authenticate another user while one user’s session is still active.
One user is already logged into Okta.
Need to verify another user’s authenticity(with same IDP) in the same browser without disturbing first user’s session.
Requirement to have MFA enabled.
Trying with different applications(one for login and another one for verification) with different Sign-On Policy rules but no luck yet.
Is this even possible ? If yes, please advise the possible approach.
Thanks in advance!
andrea
September 22, 2021, 4:05pm
2
If User A is still logged into Okta in the browser and User B needs to login, you MUST end User A’s Okta session. Otherwise User B will be unable to login
henil
September 27, 2021, 5:29pm
3
Thank you for the response Andrea!
So is there a way we can achieve this use case?
We can create dedicated applications (SAML, oAuth etc) with different Sign-on policies for such business use cases like login and Verification etc.
Thanks!
We have to keep following things in mind: If user close the browser without logout. If session time out. I would appreciate any help on this. explain with.
The length of a user staying logged in until they are automatically logged out depends on the sensitivity of the data.
Thanks for the information.