Enable multi-factor authentication

Complete this procedure to enable multi-factor authentication in an identity provider (IdP). The factors you select are required when users attempt to access a website that requires or is enabled for authentication.

How to

  1. In the navigation menu, select Identity > Identity Providers.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Identity & Users > Identity Providers.
  2. To add a new identity provider, click the plus sign icon or click the name of the identity provider that you want to modify.
  3. If you are adding a new identity provider, enter a name, description, and select the provider type.
  4. To enable an MFA policy, toggle IDP MFA Policy.
  5. In the MFA timeout field, enter the number of days that you want an MFA session to last.
  6. In the MFA Factors field, select one or more factors for multi-factor authentication.
  7. Click Save.

Next steps

  1. Deploy the IdP configuration. For more information, see Deploy configuration changes.
  2. Make sure the IdP is assigned to the policy where you want MFA enabled. For more information, see Require authentication to access a website.