Updated Date: 04/30/2026
Creating a virtual server for Okta API
You create a virtual server to act as the traffic destination address. Then you associate both a per-session policy and a per-request policy (properly configured using Okta MFA) with the virtual server. Requests coming in are protected using two levels of authentication: first at login and second Okta MFA.
If you have already created a virtual server, simply open it to make sure that the fields required to implement MFA with Okta Factor API are set correctly.
-
On the Main tab, click Local Traffic > Virtual Servers.
The Virtual Server List screen opens.
-
Click Create.
The New Virtual Server screen opens.
-
In the Name field, type a unique name for the virtual server.
-
For the Destination Address/Mask setting, confirm that the Host button is selected, and type the IP address in CIDR format.
-
In the Service Port field, type
443or select HTTPS from the list. -
From the HTTP Profile (Client) list, select http.
-
For the SSL Profile (Client) setting, from the Available list, select clientssl, and using the Move button, move the name to the Selected list.
-
From the Source Address Translation list, select Auto Map.
-
If you have several servers that host your backend applications, you may want to set up load balancing and create a pool. If you do, you should specify the Default Pool in the Resources section.
-
In the Access Policy area, from Access Profile, select the access policy you created, and which performs the primary authentication.
-
From Per-Request Policy, select the per-request policy you created for Okta API.
-
Optional: Customize other settings as needed, or use the defaults.
-
Click Finished.
The virtual server is created with the access policies and appropriate settings for Okta MFA.
You should send traffic to test the login process.