Never Build MFA Again: A Developer’s Guide to Transactional MFA
Vivek Mishra
Followed it exactly the same but instead of being redirected to http://localhost:3000 it’s redirecting to https://<okta domain="">/signin/verify/google/token%3Asoftware%3Atotp. Not sure what’s wrong?
Directly hitting the SAML embedded link also redirects to https://<okta domain="">/signin/verify/google/token%3Asoftware%3Atotp
Jefferson Haw
Hi Vivek! have you requested the extra feature flag from Okta support to be enabled in your Okta org?
“In this example, you will be using a new early-access feature called Step-up authentication with Okta Session. This is a new feature that allows you to get a stateToken from Okta and use it as a parameter within the Okta Sign-In widget so that you can bootstrap the Okta Sign-In widget to do MFA automatically. If you don’t have this feature enabled, I would suggest creating a support ticket to have this feature enabled on your Okta tenant.”
Vivek Mishra
Thanks Jefferson, It worked like charm after enabling the above mentioned feature. I thought it’s enabled as I couldn’t see it in the EA section in the settings.
Jefferson Haw
Hi Vivek
That’s great to hear. Apparently, there are some features which requires us to contact Okta support. Hopefully, this feature gets Generally Available.