How to know user completed MFA challenge during login?

We have an scenario where we want to do on-demand MFA using OKTA API when user performs high risk transactions. If the user already completed MFA during the login , we don’t want to ask MFA for next 15 mins. Is there away to get MFA challenge completion using any API or in the token itself post login?

Hi @gauthamlikesokta,

You can look at performing a step up authentication and set up the max_age to 15 minutes to protect the risk transactions.

1 Like

@Regis how do we know age is not expired , is there an API which lets us know ?