Description

The Jamf Connect Documentation lists a few examples of strings for the MFAExcluded key on the Login Window Settings page as displayed below.

<key>MFAExcluded</key>
<array>
<string>push</string>
<string>question</string>
<string>okta:token:software:totp</string> 
<string>google:token:software:totp</string>
<string>token:hardware</string>
<string>webauthn</string>
<string>web</string>
</array>

However there are additional possible prompts that appear as "FIDO webauthn" or "Okta SMS." Using the Okta Developer API reference we can see a longer list of factors.

FIDO webauthn would be the factor type "webauthn"	Okta SMS is the factor type "sms"

Hiding Okta MFA Prompts

To hide the prompt types above, include the following strings in the array for the MFAExcluded key in the Jamf Connect login plist:

<key>MFAExcluded</key>
<array>
<string>webauthn</string>
<string>sms</string>
</array>

Deploying Privilege Elevation Settings From Jamf Connect

Standardized Introduction Workflow for Jamf Connect Menu Bar

Have the Jamf Connect Menubar "Sign In" Window Appear when Password is Out of Sync

Standardized Introduction Workflow for Jamf Connect Login

Change Password with Okta Device Trust Certificate and off-VPN/off-site

Disable Okta MFA prompts (FIDO webauthn or Okta SMS) using MFAExcluded in Jamf Connect

Description

Hiding Okta MFA Prompts