Enforce post auth session evaluation policy

By default, the post auth session evaluation policy is in monitoring mode. You can enforce the policy with or without configuring remediation actions.

In orgs with Identity Threat Protection with Okta AI (ITP) enabled, the post auth session evaluation policy monitors the user session for changes in IP address or device context. When ITP detects session context changes, it reevaluates the global session and authentication policies.

Policy modes

  • Monitoring: Default status. In this mode, the post auth session evaluation policy logs session context changes and session violations in the System Log. It doesn't enforce any remediation actions. You can review the System Log, dashboards, and ITP reports to understand the risk patterns in your org.
  • Enforced: Enforces the post auth session evaluation policy without triggering any remediation action. ITP evaluates the global session and authentication policies for all the apps in the Okta session. Depending on the policies that apply to them, users may be prompted to reauthenticate.
  • Enforced with action: Enforce the post auth session evaluation policy with a remediation action. You can configure remediation actions such as Universal Logout or run a Workflow to take a custom action.

When the post auth session evaluation policy is in either of the enforced modes, users may be prompted to reauthenticate more often. As Okta AI learns more about the user's behavior over time, the re-authentication requests may decrease. If the number of re-authentication requests remains higher than expected, contact Okta Support.

Before you begin

Create Workflows for Identity Threat Protection if you want to take a custom remediation action when the post auth session evaluation policy is enforced with an action. Only delegated Workflows are supported.

Enforce post auth session evaluation policy with action

Enforce the post auth session evaluation policy with or without remediation actions.

  1. In the Admin Console, go to Security > Authentication Policies.

  2. On the Post auth session tab, click Edit.
  3. Turn on the Enforce policy option using the toggle switch.
  4. Configure the options.
    • Groups impacted: Specify to which groups the post auth session evaluation policy applies.
    • Active user sessions: Select Configure an action if a policy violation is detected. Then select the remediation action: Universal Logout or a Workflow.
  5. Click Save.

Related topics

Identity Threat Protection with Okta AI

Post auth session violations widget

Session Violation Report