Okta Multifactor authentication

Hi Team,

I have set up a developer account and created an SPA. I have enabled the multi-factor setting from the Security tab (classic UI) for push notification and security question.
On the first login it asks me to enter a security question or scan a QR code, but when I log in the next time it just asks me to enter login/password and does not ask me to verify through QR code or security question.

How can I make it ask the customer to enter a verification code via SMS/email or authenticate via QR code or security question every time?

Thanks,
neil

Hey @nsoman! Are you looking to add MFA across your entire organization or for your SPA only? Both follow a similar setup, but are located in different places in the UI.

Org-wide MFA

  1. Navigate over to the Security tab, then select Authentication from the dropdown menu.
  2. Select the Sign On tab and Add Rule to either your default or custom policy.
  3. In the Add Rule dialog, select Prompt for Factor and Every Time.

This will prompt for MFA whenever a user is accessing your Okta organization. Therefore, when authenticating into your SPA, users will be prompted for MFA every time.

App MFA

  1. Navigate over to the Applications tab, then select Applications from the dropdown menu.
  2. Find your SPA or the app you’d like to add MFA to, and select it.
  3. Click on the Sign On tab, and scroll down toward the bottom to find the Sign On Policy section.
  4. In the dialog, under Actions → Access - click the Prompt for factor checkbox and select Every sign on.

Hope this helps! If I missed anything, check out the documentation here and here.

Thank you @jmelberg. I would try out app-wide MFA. Could you also tell me if MFA via e-mail is supported with a developer account, i.e. every time the customer logs in, a code is sent to their email, which is then entered by the customer?

What you are asking for is passwordless; it is a feature that is on our roadmap for this year. You can log a case with developers@okta.com to get information on delivery.
