Hey there,
we are using the Okta sign-in Widget for authentication.
We would like to give our customers the decision if they want to enroll a MFA or not. The use case goes as follows: customer registers and customer logs in. Within the user session, a customer should have an action to just enroll MFA, best via the Widget. Is there a way to bypass the need to log out, “activate” MFA enrollment and let him log in again and handle the enrollment there?
Many thanks
Are you trying to avoid having the user do this via the Okta UI? Once a user is created, they can enroll in MFA factors themselves by going the the Settings menu from the end-user dashboard: https://oktaDomain/enduser/settings
If you want to do this via your own UI, you will not be able to do so via the widget unless the user meets the criteria for MFA enrollment, based on your policies.
You may want to look into making these API calls directly using our Factors API so that you can enroll users in enabled factors.
I am aware of this option the “force” the user to do this along with his regular login, dependent on our security configuration.
I am looking at the situation where the user is already logged in and now I want to give him the option to enroll. This can be achieved via logout/login or explicit API calls. I am asking if there is an option in the widget to initialize it directly in this mode like password recovery.
