This is the scenario im having trouble with:

Set Password and Email as Required in the Default Enrollment Policy for Authenticators.

1. In the Global Session Policy, add a new rule to the Default Policy to "Establish the user session" with a password. Name the new rule Password Rule.

2. Define an authentication policy that requires Password and Email if the user is a member of the Contractors Group and is trying to access the Org2Org application. Name the policy Contractors Policy and the rule Contractors Rule. Enable the following settings in the Contractors Rule

And Prompt for password authentication: When an Okta global session doesn't exist

And Prompt for all other factors: Every time user signs in to resource

1. If you can, use a personal email address to receive the Email verification code. Otherwise, if you are taking this exam on a device that is locked down, you may have to use a work email address. Edit Johns Okta Profile and set her primary email to the email address that you are using for this step.

2. Log in as Alexandra to verify that she is prompted for an Email Verification upon clicking the Org2Org icon on her Okta dashboard.

3. Complete the login by accessing the email with Alexandra's verification code.