Manual Chapter: Defining an HTTP Connector Transport for Okta MFA

Applies To:

  • BIG-IP APM

    21.0.0, 17.5.1, 17.5.0, 17.1.3, 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.6, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 15.1.10, 15.1.9

Defining an HTTP Connector Transport for Okta MFA

Okta MFA requires that you create an HTTP Connector Transport, which provides the transport-level parameters (such as an SSL profile and DNS resolver) used for sending requests to Okta.

  1. On the Main tab, click Access > Authentication > HTTP Connector > HTTP Connector Transport.

  2. Click Create.

  3. Specify a Name for the connector transport.

  4. Select a DNS Resolver that the transport uses to resolve the server name specified in the HTTP Connector URL. Click + to create a new resolver.

  5. Select a Server SSL Profile that the HTTP Connector Transport uses to encrypt communication for the HTTP Connector. Click + to create a Server SSL Profile, then select the profile.

    Important: Okta MFA requires encrypted communication for the connection, so the Server SSL Profile is required.

    Note: F5 recommends that you do not use the default ca-bundle.crt for the Trusted Certificate Authorities field in the SSL profile. Instead, create a smaller CRT bundle, which includes only the CA root certificates required by Okta. Refer to Okta documentation for details.

  6. Specify a limit for the Maximum Response Size, in bytes, that the HTTP Connector Request can receive. The Maximum Response Size limit is ignored if the Response Action in the associated HTTP Connector Request is set to Ignore.

  7. Specify the Timeout in seconds for the HTTP Connector Transport connection.

  8. Click Save.

The HTTP Connector Transport is defined, and appears in the HTTP Connector Transport list. You will need to select it when creating an Okta Connector.
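
The note in step 5 recommends a smaller CRT bundle that holds only the CA root certificates Okta requires. The following is an added example, not F5 or Okta code, showing one way to trim a PEM bundle to an allowlist of SHA-256 certificate fingerprints. The function names, the sample bundle and the allowlist are assumptions constructed for illustration; the real fingerprints come from the Okta documentation.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.DOTALL)


def to_pem(der: bytes) -> str:
    """Encode DER bytes as a PEM certificate block with 64-column lines."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join(["-----BEGIN CERTIFICATE-----", *lines,
                      "-----END CERTIFICATE-----"]) + "\n"


def normalize(fp: str) -> str:
    """Accept 'AA:BB:...' or 'aabb...' fingerprint spellings."""
    return fp.replace(":", "").replace(" ", "").lower()


def trim_bundle(bundle_pem: str, allowed_fps):
    """Keep only certificates whose SHA-256 fingerprint is allowlisted.

    Returns (trimmed_pem, missing); missing holds allowlisted fingerprints
    that were not found, so a typo or absent root is caught before the
    trimmed bundle is imported.
    """
    wanted = {normalize(fp) for fp in allowed_fps}
    kept, seen = [], set()
    for match in PEM_RE.finditer(bundle_pem):
        der = base64.b64decode("".join(match.group(1).split()), validate=True)
        fp = hashlib.sha256(der).hexdigest()
        if fp in wanted and fp not in seen:  # also drops duplicate entries
            seen.add(fp)
            kept.append(to_pem(der))
    return "".join(kept), sorted(wanted - seen)


# Constructed placeholder blobs standing in for DER certificates; they are
# not real certificates and are not Okta's roots.
SAMPLE_DER = [b"constructed-root-A" * 5, b"constructed-root-B" * 5,
              b"constructed-root-C" * 5]
SAMPLE_BUNDLE = "".join(to_pem(d) for d in SAMPLE_DER)
# Assumption: in practice these fingerprints come from Okta's documentation.
ALLOWED = [hashlib.sha256(SAMPLE_DER[1]).hexdigest().upper()]

if __name__ == "__main__":
    trimmed, missing = trim_bundle(SAMPLE_BUNDLE, ALLOWED)
    print(trimmed.count("BEGIN CERTIFICATE"), "certificate(s) kept; missing:", missing)
```

Treat a non-empty missing list as a reason to stop before assigning the trimmed bundle to the Trusted Certificate Authorities field, because a required root that is absent will cause certificate verification of the Okta connection to fail.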