MFA Policy

Estimated reading: 2 minutes 144 views

An MFA policy in an application refers to the set of rules and guidelines that dictate how Multi-Factor Authentication (MFA) is implemented within that specific application. This policy determines when and how users are required to provide additional verification, beyond just a password, to authenticate their identity.

Step 1: Click on the Application –> you will see the page with details of the application.

Step 2: On the bottom left corner, you will see the Edit MFA Policy link.

Step 3: Fill in the required details.

  • Select the type of method you are opting for the security under preferences information.
    • OTP via email or phone
    • Secure link via email or phone
  • The number of Grace logins (allows users a limited number of logins, or a period of time, to access a system without completing the usual authentication requirements) you would like to provide.
  • Provide the setting required under Session scope information
    • Scope: choose where you want the setting to reflect either under the whole Repository or specific Application
    • Duration: You can mention the time till when you want this feature to be active till
  • In case you want to allow a user to use the application even if MFA is not enabled click Allow on the other information section.