Enable a global PCI DSS compliant MFA for Login Portal users
Configure Payment Card Industry Data Security Standard (PCI-DSS) MFA for Akamai IdP
When you enable PCI DSS-compliant multi-factor authentication (MFA), users who log in to the portal are required to use their standard login credentials and a time-based one-time password (TOTP) authentication token every time they log in. If the username, password, and time-based token are correct, the user has access to all of the applications associated with the identity provider (IdP). If any of the credentials are incorrect, the user does not have access to the application and an error message appears. The user is not told which step in the MFA process failed.
Figure: MFA authentication failure error message on the Login Portal login page.
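The login behavior described above, as an added example (not Akamai's code and not part of the original page): an RFC 6238 TOTP check evaluated together with the password check, so every failure returns the same message. The user store, the error text, the 30-second step, the 6-digit code, and the one-step drift window are assumptions.

```python
import hashlib
import hmac
import struct

GENERIC_ERROR = "Authentication failed."  # constructed text, not the portal's wording

def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (step and digits are assumed defaults)."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample user store (hypothetical user and values).
USERS = {
    "alice": {
        "salt": b"constructed-salt",
        "pw_hash": hash_password("correct horse", b"constructed-salt"),
        "totp_secret": b"12345678901234567890",  # RFC 6238 test secret
    }
}
# Dummy record so an unknown username does the same work as a known one.
DUMMY = {"salt": b"dummy-salt-value", "pw_hash": bytes(32), "totp_secret": bytes(20)}

def login(username: str, password: str, token: str, now: int) -> tuple[bool, str]:
    """Check every factor, then return one result with no hint of which failed."""
    user = USERS.get(username)
    record = user or DUMMY
    pw_ok = hmac.compare_digest(hash_password(password, record["salt"]), record["pw_hash"])
    # Accept the current step and one step back to tolerate clock drift (assumption).
    # A list (not a generator) so both comparisons always run.
    token_ok = any([
        hmac.compare_digest(totp(record["totp_secret"], now - drift).encode(), token.encode())
        for drift in (0, 30)
    ])
    if user is not None and pw_ok and token_ok:
        return True, "OK"
    return False, GENERIC_ERROR
```

A wrong password, a wrong or expired token, and an unknown username all produce the identical return value, which is what keeps the failing step hidden from the person at the login page.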
To enable PCI-DSS multi-factor authentication in an IdP:
1. Log in to the Enterprise Application Access (EAA) Management Portal.
2. Click Identity > Identity Providers in the top menu bar.
3. Click the Configure Identity Provider icon on the identity provider.
4. Click the Multifactor tab.
5. Select the IdP MFA Policy checkbox. Do not select any of the MFA factors.
6. The IdP PCI DSS Compliant checkbox appears. Select it. The MFA factors section will only show the TOTP checkbox.
7. Select the TOTP checkbox.
   Note: If you selected any of the MFA factors like email, SMS, or Duo in step 5 and then went to step 6, you will see a window asking you to deselect those options.
8. To save changes, click Save & Exit or Save and go to Advanced Settings.