Evaluate a risk score for each request
If you want to evaluate users' risk scores before they sign in to Okta, be sure that you configure the correct MFA requirements.
HealthInsight task recommendation
Configure a rule in your global session policy that checks a user's risk score and prompts for MFA accordingly.
Require high-risk users to provide MFA every time they sign in.
Security policies are evaluated every time a user with medium or high risk levels attempts to access an app. These users must authenticate more frequently.
Require MFA for high-risk users
In the Admin Console, go to .
Select the policy that you want to edit.
In the Rules table, locate the rule that you want to edit and make these updates:
AND Risk is: High
Multifactor authentication (MFA) is: Required
Users will be prompted for MFA: At every sign in
Click Update Rule.