okta-direct-auth/com.okta.directauth.model/DirectAuthenticationState/MfaRequired/challenge

challenge

suspend fun challenge(secondaryFactor: SecondaryFactor, challengeTypesSupported: List<ChallengeGrantType> = listOf(WebAuthnMfa, OobMfa, OtpMfa)): DirectAuthenticationState

Initiates an interactive multi-factor authentication (MFA) challenge.

This function is used for secondary factors that require an interactive step from the user, such as approving a push notification (PrimaryFactor.Oob) or using a security key (PrimaryFactor.WebAuthn). It sends a request to the server to start the challenge for the specified factor.

For factors that don't require a separate challenge step (like PrimaryFactor.Otp), the resume function can be used instead to directly exchange the passcode for tokens.

Return

The next DirectAuthenticationState in the flow. This is typically AuthorizationPending while waiting for the user to complete the challenge, or an error state if the challenge could not be initiated.

Parameters

secondaryFactor

The SecondaryFactor to use for the challenge, such as PrimaryFactor.Oob.

challengeTypesSupported

A list of ChallengeGrantTypes the client supports for MFA.

Generated by Dokka
© 2026 Copyright