Setting MFA Points on Applications

Home / Single Sign-On / Multi-Factor and Adaptive Authentication / Current: Setting the MFA Points Required by SSO Apps


In EmpowerID, multi-factor authentication (MFA) is a flexible, points based system that allows you to specify the number of factors that users must present when authenticating, as well as the weight or point value associated with each of those factors. When users reach the designated point threshold, they are granted access to the system. You specify this threshold on the Password Manager policies associated with your users, as well as each of the SSO applications registered in the system. Each application has a number of MFA settings that can be configured according to your security requirements. Of these settings, those related to MFA points include the following:

  • Min MFA Points if Local Subnet - This setting is used to specify the minimum number of points users within your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access to the application is granted.
  • Min MFA Points if Remote Subnet - This setting is used to specify the minimum number of points users outside of your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access to the application is granted.

To set the Multi-Factor Authentication Points on Applications

  1. In the Navigation Sidebar of the EmpowerID Web interface, expand Applications and click Manage Applications.
  2. From the Applications tab of the Applications management page, search for the SSO application to which you want to apply MFA and click the Display Name link for that policy.



  3. On the Application Details page that appears, click the Edit link. Edit links have the Pencil icon.



  4. From the application's Edit page, click the Single Sign-On tab and do the following as applicable:
    • Type a value in the Min MFA Points if Local Subnet field. This setting is used to specify the minimum number of points users within your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.
    • Type a value in the Min MFA Points if Remote Subnet field. This setting is used to specify the minimum number of points users outside of your local network must accumulate when authenticating. Points start at 0 and can be incremented as needed. When the value is greater than 0, users must accumulate the required number of points before access is granted.



  5. Once finished, click Add to Cart.
  6. Click the Cart icon at the top of the page, type a reason for the change and then click Submit.

Related Content