1 year ago
#387359
DLaser
Angular Okta custom widget and MFA behaviour changes based on browser in private/non-private mode
Our organization is setting up a new Angular application using the custom widget from Okta. Because we are using MFA, we have used showSignInAndRedirect and have handled the redirect once the user authenticates with no issues.
The question I have is that if a user is signing in from a browser that is not in private or incognito mode, the MFA redirect goes to our Okta domain, i.e. {organization}.okta.com, at which point the user is prompted to enter their code based on their chosen authentication method. However, if in private or incognito mode, the user seems to be able to handle the MFA within the application itself, i.e. https://{domain}/login, and doesn’t redirect to the Okta domain to handle MFA. When in private/incognito, we can then use custom designed MFA screens provided by the Okta Widget. We’d like to be able to do the same without being in a private browser mode. Is there something missing in our configuration of the sign-in widget that a private browser enforces but regular browser viewing does not?
Ideally we are hoping that the user can have the ability to enter their MFA codes into the custom designed widget rather than redirecting to the Okta domain after their username and password have been entered for a more seamless experience.
Thanks so much in advance.
angular
google-chrome
authentication
microsoft-edge
okta
0 Answers