Configure MFA for DPA

This topic describes how to configure MFA in Identity Administration for DPA.

Configure MFA for service users

Enforce MFA for users accessing DPA by applying the policy set to users in a DPA Role.

To configure MFA

Step 1: Add a new policy set

  1. Log in to CyberArk Identity Security Platform Shared Services using the system administrator user provided in the welcome email.

  2. Select Identity Administration service.

  3. Go to Core Services > Policies and click Add Policy Set to create a new one.

  4. Name the policy set and select Specified Roles.

  5. Add the DPA Roles to the list of Specified Roles.

Step 2: Enable authentication policy controls

  1. Go to Authentication Policies > Identity Administration.

  2. Select Yes in the Enable authentication policy controls drop-down.

Step 3: Create an authentication profile

  1. In the Authentication Rules area, select Add New Profile from the Default Profile drop-down list.

  2. Name the new profile and configure the challenges.

    To see the authentication options available for your service, see MFA options in Shared Services.

  3. Click Save.