Hi, I can't wrap my brain around this and would like a different perspective. I'll do it bullet wise because that works for me.
- We use a scim bridge to have control over provisioning user accounts between Active Directory/Okta and 1password.
- The scope is to acces the vaults online through a browser preferably through Okta. Apps or clients are not in scope yet.
- Company policy demands the use of MFA. We can set it in Okta or in 1Password.
- When I set MFA in Okta for 1Password on the application level, users can circumvent it by browsing to the url directly.
- When i set MFA in 1Password, it gives me this. (last remark)
I thought the scim bridge is nothing more then a way to provision users from one platform to another. Since SSO isn't even possible because SAML isn't supported I don't understand where MFA should be configured. Please help.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided