Okta MFA for Vault UI login


I have configure auth/okta for integrating vault login with Okta, bypass MFA is disabled in Vault side , but I’ve noticed it’s allowing the users to login only by user and password without asking the user to enter MFA code

Is there a way to do so?


Sorry if this is too obvious, but is your okta configured to require MFA? In okta by default individual users can enable/disable MFA, but there’s also a way in the okta admin interface to require it, and it seems like that’s what you want.

Now, vault also has its own way of doing MFA, and it may be that you can enable that in addition to the okta auth method to force people to do MFA even if your okta config doesn’t require it, but I haven’t tried this. This is configured separately from the auth method, and you have a number of MFA methods available including okta.

1 Like

Hello @pita , yes MFA is required in my Okta . I will try to configure Okta MFA on Vault
Thank you for your answer!