We have a scenario where we want to do on-demand MFA using the Okta API when a user performs high-risk transactions. If the user already completed MFA during the login, we don't want to ask for MFA for the next 15 mins. Is there a way to get MFA challenge completion using any API or in the token itself post login?
You can look at performing a step up authentication and set up the max_age to 15 minutes to protect the risk transactions.
@Regis how do we know age is not expired, is there an API which lets us know?
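
One way to check the 15-minute window on the application side, as an added example that is not part of the original thread: when `max_age` is sent in the authorization request, OpenID Connect requires the ID token to carry `auth_time`, which the app can compare against the window before allowing the transaction. It assumes the token's signature, issuer and audience were already validated and that the org emits RFC 8176 `amr` values; `needs_step_up`, the `amr` set and the sample claims are constructed for illustration.

```python
import time

MAX_AGE_SECONDS = 15 * 60  # the 15-minute window from the thread

# Assumption: amr values (RFC 8176) that count as a second factor here.
# Adjust to the factors actually enrolled in your org.
MFA_AMR_VALUES = {"mfa", "otp", "sms", "swk", "hwk"}


def needs_step_up(claims, now=None, max_age=MAX_AGE_SECONDS, skew=30):
    """Decide from already-validated ID token claims whether the user
    must re-authenticate before a high-risk transaction.

    Returns (True, reason) when step-up is required, else (False, reason).
    Every unexpected input fails closed (step-up required).
    """
    now = int(time.time()) if now is None else int(now)

    auth_time = claims.get("auth_time")
    if isinstance(auth_time, bool) or not isinstance(auth_time, int):
        return True, "auth_time missing or not an integer"
    if auth_time > now + skew:
        return True, "auth_time is in the future"
    if now - auth_time > max_age:
        return True, "last authentication older than max_age"

    amr = claims.get("amr")
    methods = {m for m in amr if isinstance(m, str)} if isinstance(amr, list) else set()
    if not methods & MFA_AMR_VALUES:
        return True, "no MFA method recorded in amr"

    return False, "recent MFA present"


if __name__ == "__main__":
    now = 1_700_000_000  # constructed timestamp
    samples = [  # constructed claim sets, not real tokens
        {"auth_time": now - 300, "amr": ["pwd", "mfa"]},
        {"auth_time": now - 1200, "amr": ["pwd", "mfa"]},
        {"auth_time": now - 60, "amr": ["pwd"]},
    ]
    for claims in samples:
        print(claims, "->", needs_step_up(claims, now=now))
```

When the function returns `True`, the app redirects the user through the authorization endpoint again with `max_age` set, and repeats the check on the new ID token.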