Setting MFA Points Granted by SSO Connections
Each SSO Connection (Service Providers and Identity Providers) that you federate with EmpowerID can be configured with an MFA point value to help users reach the required number of points to access EmpowerID as specified on their assigned Password Manager Policies. MFA points granted by an SSO Connection start at 0 and can be incremented depending on the trust factor your organization places on the provider. For example, if you are setting the number of MFA points for an IdP, you might choose to give a more trusted Identity Provider, such as the Windows IdP, a point value of 2, and a less trusted IdP, such as a social media IdP, a point value of 1 or 0.
If the IdP selected by users grants enough points to meet your policy requirements, those users are granted access once authenticated. If the IdP does not, further points must be acquired.
To set the MFA points granted by SSO Connections
- In the Navigation Sidebar, expand Admin, then SSO Connections, and click OAuth.
- From the OAuth Service Provider tab of the OAuth Application management page, search for the provider to which you want to set the number of MFA points and then click the Display Name link for that provider. This example selects Google ReCaptcha.
- From the External OAuth Provider Details page that appears, click the Edit link. Edit links have the Pencil icon.
- Type the desired point value in the MFA Point Value field and then click Save.