Configure MFA for Active Directory Federation Services (ADFS)
Modify configuration
- Edit c:\Program Files\Okta\Okta MFA Provider\config\okta_adfs_adapter.json.
- Save the file after making your changes.
- Restart the ADFS service.
- Open a Microsoft PowerShell as an administrator.
- Enter and run the command: Restart-Service adfssrv -Force
- Exit PowerShell.
Configuration changes take effect on service restart. Always restart the ADFS service after changing your configuration.
Properties
Admins should avoid changing any field not listed in the table that follows.
Property | Description | Default |
Example |
---|---|---|---|
useOIDC |
When enabled, the ADFS adapter authenticates using OpenID Connect. |
false |
"useOIDC": true |
allowNoMfa |
Allow the user to sign in without requiring a second authenticator (based on the ADFS app policy). Used during set-up and when troubleshooting. |
true |
"allowNoMfa": false |