App Condition for MFA Enrollment Policy

For an MFA factor enrollment rule, you can set an app condition for end user applications. With this condition set, end users can be prompted for factor enrollment either when accessing all applications or for selected applications that are specified by the admin.


Based on how the condition is set, end usersEnd users are people in your org without administrative control. They can authenticate into apps from the icons on their My Applications home page, but they are provisioned, deprovisioned, assigned, and managed by admins. may be prompted to enroll in a factor when accessing all applications available to them or for specific applications only.


Before you begin

Note the following when setting the appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. condition:

Configure the app condition

  1. From the adminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. dashboard, navigate to Security > Multifactor > Factor Enrollment > Add Multifactor Policy.
  2. Click Add Rule or Edit Rule to modify an existing rule. Note that a rule can only be added once a multifactor policy has been created.
  3. Under AND User is accessing, select Applications.
  4. Select Any application to apply this rule to all applications that can be accessed by the end user. Select Specific applications to manually enter the applications that will be affected by this rule. Only applications that are available to end users will be displayed here.
  5. Click Update Rule to save your changes.
  6. Edit Rule screen

For more information about factor enrollment policies and rules, refer to Multifactor Authentication.