How to enable MFA in Single Sign In Widget- Angular 1.x

I have the below working code, but my company uses MFA through VPN token(Android app), but the below code does not take me to the Second factor authentication screen. I am using Angular 1.

Localhost below is my website’s homepage which I wish to redirect the user to, post second factor authentication. But currently, it signs in directly after 1st Ldap authentication screen:

My sample code currently looks like this :

var config = {
    baseUrl: 'https://xyz.okta.com',       
    features: {
        autoPush: true,
        multiOptionalFactorEnroll: true
    }
}
var signIn = new OktaSignIn(config);
 var redirectURL = 'http://localhost:63229';   
  signIn.renderEl(
      { el: '#output' },
        function (res) {
         console.log(res);
         if (res.status === 'SUCCESS') { 
             res.session.setCookieAndRedirect(redirectURL);
         }
         } ); 

Please advise how can I implement Second factor Authentication here.

Any leads on this?

There is not much documentation available for Multi Factor Authentication using Single Sign-In widget.

MFA challenges are determined by the Okta Sign-On Policy requirements for your organization. It is common for policies use network conditions (e.g. on-prem or off-prem) to challenge for MFA. If you are not being challenged for MFA then you are matching a policy rule which skips MFA. I would recommend checking your network zones to make sure you are not matching an on-prem zone which bypasses MFA.

@mcguinness

I have earlier implemented the solution using Angular + API (.Net) where the OKTA response hits the recipientURL directly on the API on successful authentication using the same environment(same OKTA org).

In that case, it asked for Second factor authentication without any additional configuration.

I could not go forward with that implementation as I found no way to move to the Angular App from the WebAPI with user info and establish connection with (front end)Angular.

Not sure why it is not asking for Second Factor Authentication when I am using Single-Sign-In widget.

Thanks