Okta Temporary Access Code (TAC) Authenticator

Okta’s Temporary Access Code (TAC) authenticator allows administrators to generate short-lived access codes directly from a user’s Universal Directory profile.

Perfect for scenarios like new user onboarding or lost authenticators, TAC ensures users can regain access securely, without compromising Zero Trust principles.

How it works:

  • Admins verify the user’s identity
  • Generate the TAC in Okta
  • Share it securely (for example, via phone call or another out-of-band method)
  • User enters the code during sign-in to complete authentication

This feature gives organizations a safe fallback method for identity assurance while maintaining complete administrative control and auditability.

Below some screenshots of the configuration and end user experience.

  1. Log in to your Okta tenant and check any user. As you can see, there is no temporary access code option available.

2. In your Okta tenant, go to Authenticators and add a new authenticator.

3. Select the Okta Temporary Access Code and click Add.

4. Configure the Okta Temporary Access Code options like minimum and maximum length.

5. In the Okta Admin Console, look for a user and click in More Actinos. Now you will see the Okta Create Temporary Access Code option available.

6. If you click for that user, you can specify the expiration time for the Okta Temporary Access Code.

7. Once created, now you can share this code with the end-user.

8. Now try to login with the End-User credentials, and now a new option is displayed called Temporary Access Code.

9. Click on it, and now you can put the code provided by the Okta Administrator.

11. Once Okta verify the Temporary Access Code, the user can now access the Okta Dashboard.

Gabriel Magarino – Senior Security Manager | IAM Evangelist - Experienced leader with over 20 years in the IT and cybersecurity industry, specializing in Identity & Access Management. Expert in Okta, One Identity, SailPoint (IdentityIQ & IdentityNow), OneLogin, Delinea, and CyberArk. Passionate about exploring IAM and emerging technologies, coaching, and training IAM teams. Holds a Master’s in Computer Science and multiple certifications, including Okta Professional & Administration, One Identity Architect & Instructor, SailPoint Identity Now, ITIL, Scrum Master, among others. Currently pursuing a PhD with a focus on Computer Science and Artificial Intelligence.

Published On