Setting the order for the Okta authentication methods

The Authentication methods order option may be used to specify the order for the list of the multifactor authentication methods that are presented to an Okta user for challenge response authentication.

The order may be specified by either a list on the target address configuration page or from a file.

When choosing the list option and specifying the multifactor authentication methods, these fields allow multiple values. To fill in multiple values, select List from the drop-down list box displaying in front of these fields, and use the More button to add additional input boxes when more than one value is given. The value in each input box is treated as a single value, for example:

These values represent the following multifactor authentication methods:

There is also an option to specify the authentication order in a file. To use the file, select File option from the drop-down list and specify the file name in the field.

The file must be located in the \<instance>\script\ directory and contain a list of the authentication order for the Okta multifactor authentication methods.

To specify the authentication order:

   # KVGROUP-V2.0
   authorder = {
      "token:okta";
      "push:okta";
      "sms:okta";
      "call:okta";
      "token:google";
      "token:yubico";
      "question:okta";
   };

The list of the multifactor authentication methods may be modified to re-order how they are presented to a user for challenge response authentication.

If the user has more multifactor authentication methods than what is provided for the authentication methods order, the methods provided in the list will be the first ones that are shown to the user and the remaining methods will be directly underneath in the provided list to the user.