MFA Policy


The MFA Application Policy allows administrators to define Multi-Factor Authentication (MFA) requirements at the application level within Visual Guard. This provides fine-grained control over how MFA is enforced for users accessing specific applications. This policy determines when and how users are required to provide additional verification, beyond just a password, to authenticate their identity.

Purpose
While the Global MFA Policy defines system-wide behavior, the Application Policy enables exceptions or stricter rules per application. This is useful when different applications have varying security requirements.

Configuration Options

  • Require MFA for this application: Enforces MFA for all users accessing the specified application, regardless of their individual MFA settings.
  • Inherit from Global Policy: Applies the MFA rules defined in the global policy to this application.
  • Custom Exceptions: Optionally exclude specific roles or users from MFA enforcement within the application scope (if supported).

Usage Notes

  • This policy takes precedence over individual user settings but may be overridden by the Global Policy depending on configuration.
  • Useful for protecting high-risk or sensitive applications with stricter access controls.
  • Can be configured in the Visual Guard Console under the “Applications” section.

The steps below show how to configure the MFA policy for each application.

Step 1: Click on the Application. The page with the details of the application opens.


Step 2: In the bottom-left corner, you will see the Edit MFA Policy link.


Step 3: Fill in the required details.

  • Under the preferences information, select the MFA method you want to use:
    • OTP via email or phone
    • Secure link via email or phone
    • Microsoft Authenticator (TOTP)
  • Enter the number of grace logins you would like to provide. Grace logins allow users a limited number of logins, or a period of time, to access a system without completing the usual authentication requirements.
  • Provide the required settings under the session scope information:
    • Scope: choose whether the setting applies to the whole Repository or to a specific Application.
    • Duration: specify how long you want this feature to remain active.
  • If you want to allow a user to use the application even if MFA is not enabled, click Allow in the other information section.
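
A small model of the precedence rules from the Usage Notes and the Step 3 fallbacks (exceptions, grace logins, Allow), useful for auditing which accounts can still reach an application without a second factor. This is an added example, not Visual Guard code or its API: the class and field names, the `overrides_apps` switch and the order in which the fallbacks are evaluated are assumptions, and the users are constructed sample data.

```python
from dataclasses import dataclass, field

@dataclass
class GlobalPolicy:
    require_mfa: bool
    overrides_apps: bool = False   # assumed switch: global policy overrides application policies

@dataclass
class AppPolicy:
    mode: str                      # "require" or "inherit" (hypothetical names)
    exceptions: set = field(default_factory=set)  # excluded user names or roles
    grace_logins: int = 0
    allow_without_mfa: bool = False  # the "Allow" option from Step 3

@dataclass
class User:
    name: str
    roles: set
    mfa_enabled: bool              # individual user setting
    grace_used: int = 0

def decide(g, app, user):
    """Return 'challenge', 'no-mfa', 'exempt', 'grace', 'allow-unenrolled' or 'deny'."""
    if g.overrides_apps or app.mode == "inherit":
        required = g.require_mfa
    else:
        required = app.mode == "require"
    if not required:
        # No policy demands MFA, so only the user's own setting applies.
        return "challenge" if user.mfa_enabled else "no-mfa"
    # From here on the policy wins over the individual user setting.
    if not g.overrides_apps and ({user.name} | user.roles) & app.exceptions:
        return "exempt"
    if user.mfa_enabled:
        return "challenge"
    if user.grace_used < app.grace_logins:
        return "grace"
    return "allow-unenrolled" if app.allow_without_mfa else "deny"

def password_only_paths(g, app, users):
    """Audit helper: users who currently get in without a second factor, and why."""
    return {u.name: d for u in users
            if (d := decide(g, app, u)) not in ("challenge", "deny")}

# Constructed sample data
GLOBAL = GlobalPolicy(require_mfa=False)
PAYROLL = AppPolicy(mode="require", exceptions={"svc-batch"}, grace_logins=2)
USERS = [User("alice", {"hr"}, True), User("bob", {"hr"}, False, grace_used=1),
         User("carol", {"hr"}, False, grace_used=2), User("svc-batch", {"service"}, False)]
```

Running `password_only_paths(GLOBAL, PAYROLL, USERS)` lists the accounts covered by an exception or still inside their grace allowance, which are the entries to review before treating an application as MFA-protected.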