...
Div | ||
---|---|---|
| ||
Home / Single Sign-On and MFA / Multi-Factor Authentication / Current: Setting the MFA Points Granted by SSO Connections |
...
Each SSO Connection (Service Providers and Identity Providers) that you federate with EmpowerID can be configured with a an MFA point value to help users reach the required number of points for accessing to access EmpowerID as specified on their assigned Password Manager Policies. MFA points granted by an SSO Connection start at 0 and can be incremented depending on the trust factor your organization places on the provider. For example, if you are setting the number of MFA points for an IdP, you might choose to give a more trusted Identity Provider, such as the Windows IdP, a point value of 2, and a less trusted IdP, such as a social media IdP, a point value of 1 or 0.
Info |
---|
If the IdP selected by users grants enough points to meet your policy requirements, those users are granted access once authenticated. If the IdP does not, further points |
...
must be acquired. |
To set the MFA points granted by SSO Connections
- From In the Navigation Sidebar, navigate to the OAuth Application management page by expanding Admin > expand Admin, then SSO Connections, and clicking click OAuth.
- From the OAuth Service Provider tab of the OAuth Application management page, search for the provider to which you want to set the number of MFA points and then click the Display Name link for that provider. In this example, we are selecting This example selects Google ReCaptcha.
- From the External OAuth Provider Details page that appears, click the Edit link. Edit links have the Pencil icon.
- Type the desired point value in the MFA Point Value field and then click Save.
Info |
---|
|
|
Concepts:
Administrative Procedures:
- Setting the MFA Points Required by Password Manager Policies
- Assigning MFA Types to Password Manager Policies
- Setting the MFA Points Required by Applications
- Assigning Adaptive Authentication Rules to Password Manager Policies
- Assigning MFA Types to Applications
- Editing MFA Type Point Values
- Integrating DUO Two-Factor Authentication
- Integrating Yubico OTP
- Registering and Issuing Vasco Hardware OATH Tokens
- Customizing the MFA Retry Limit
User Tasks
| ||