Use multifactor authentication with the LDAP Interface

If your org has implemented MFA for admin users, you need to include your MFA token information and your admin password when you sign in to the LDAP Interface.

To use the Verify Push factor with the LDAP Interface, users append the string ,push to their credentials. For example, <password>,push. When using the Verify Push factor, a notification appears that users can approve or deny. The push notification is sent automatically when the user is enrolled in Verify Push and the ,push string is not used with the credentials.

For short message service (SMS) and voice verification, generate the token before doing the BIND. For example, after you sign in and press Send Code and an SMS is sent to the phone. You can then do a BIND and SEARCH with that SMS in the format of password, text code.

The format for entering your password and MFA token is:

<password,MFAtoken>

For example, you enter the following for Okta Verify:

password,123456

where password is your admin user password, and 123456 is the Okta Verify passcode.