An MFA policy in an application refers to the set of rules and guidelines that dictate how Multi-Factor Authentication (MFA) is implemented within that specific application. This policy determines when and how users are required to provide additional verification, beyond just a password, to authenticate their identity.
Step 1: Click on the Application –> you will see the page with details of the application.
Step 2: On the bottom left corner, you will see the Edit MFA Policy link.
Step 3: Fill in the required details.
- Select the type of method you are opting for the security under preferences information.
- OTP via email or phone
- Secure link via email or phone
- The number of Grace logins (allows users a limited number of logins, or a period of time, to access a system without completing the usual authentication requirements) you would like to provide.
- Provide the setting required under Session scope information
- Scope: choose where you want the setting to reflect either under the whole Repository or specific Application
- Duration: You can mention the time till when you want this feature to be active till
- In case you want to allow a user to use the application even if MFA is not enabled click Allow on the other information section.