leafleafleafMan illustration
Updated on April 23, 2026
Settings

MFA Policy

Estimated reading: 3 minutes 1431 views

The MFA Application Policy allows administrators to define Multi-Factor Authentication (MFA) requirements at the application level within Visual Guard. This provides fine-grained control over how MFA is enforced for users accessing specific applications. This policy determines when and how users are required to provide additional verification, beyond just a password, to authenticate their identity.

Purpose
While the Global MFA Policy defines system-wide behavior, the Application Policy enables exceptions or stricter rules per application. This is useful when different applications have varying security requirements.

Configuration Options

  • Require MFA for this application: Enforces MFA for all users accessing the specified application, regardless of their individual MFA settings.
  • Inherit from Global Policy: Applies the MFA rules defined in the global policy to this application.
  • Custom Exceptions: Optionally exclude specific roles or users from MFA enforcement within the application scope (if supported).

Usage Notes

  • This policy takes precedence over individual user settings but may be overridden by the Global Policy depending on configuration.
  • Useful for protecting high-risk or sensitive applications with stricter access controls.
  • Can be configured in the Visual Guard Console under the “Applications” section.

Below are the steps of how you can configure the MFA policy application wise.

Step 1: Click on the Application –> you will see the page with details of the application.

Step 2: On the bottom left corner, you will see the Edit MFA Policy link.

Step 3: Click on the Enable button to activate the MFA (Multi-Factor Authentication) feature –> Fill in the required details.

  • Select the type of method you are opting for the security under preferences information.
    • OTP via email or phone
    • Secure link via email or phone
    • Microsoft Authenticator (TOTP)
  • The number of Grace logins (allows users a limited number of logins, or a period of time, to access a system without completing the usual authentication requirements) you would like to provide.
  • Provide the setting required under Session scope information
    • Scope: choose where you want the setting to reflect either under the whole Repository or specific Application
    • Duration: You can mention the time till when you want this feature to be active till
  • In case you want to allow a user to use the application even if MFA is not enabled click Allow on the other information section.
  • Click on Save after setting up the policy.

Note: If the Override checkbox is selected in any of the sections, the application will follow the global policy settings. If it is not selected, you can define and apply specific actions for the application.

MFA – Multifactor Authentication

Powered By Visual-Guard