MFA factor configuration

Multifactor authentication (MFA) is an added layer of security used to verify an end user's identity when they sign in to an application.

An Okta admin can configure MFA at the organization or application level. If both levels are enabled, end users are prompted to confirm their credentials with factors when signing in to Okta and when accessing an application.

To learn more about admin role permissions and MFA, see Administrators.

Supported MFA factors


  • MFA for RDP, MFA for ADFS, RADIUS logins, or other non-browser based sign-on flows don't support the Custom IdP factor.

  • MFA for RDP doesn't support the Duo Security or FIDO2 (WebAuthn) factors.