MFA for web application access

Before you configure MFA for web application access, you must first deploy and configure the application. If you have not done this, see Get Started with Single Sign-on.

MFA requirements for web application access can be as simple or sophisticated as you would like. The simplest rule is un-conditional MFA -- users must provide additional authentication anytime they access web applications from the User Portal.

  1. Log in to the Identity Administration portal.
  2. Click Apps > Web Apps and select the relevant application.
  3. Click Policy.
  4. Select Add New Profile from the Authentication Profile dropdown list.

    5. The authentication profile is where you define the authentication methods you want users to use for MFA.

  5. Enter a profile name.
  6. Select the authentication methods.

  7. Click OK.
  8. Click Save.

If you only require MFA when certain conditions are met, for example when users are accessing the application from a specific country, use the following instructions.

  1. Log in to the Identity Administration portal.
  2. Click Apps > Web Apps and select the relevant application.
  3. Click Policy.
  4. Click Add Rule .

    5. The Authentication Rule window opens.

  5. Click Add Filter .
  6. Select Country from the Filter dropdown list.
  7. Select equal to from the Condition dropdown list and the relevant country from the Value dropdown list.
  8. Click the Add button associated with the filter and condition.

  9. Select Add New Profile from the Authentication Profile drop-down list.

    10. The authentication profile is where you define the authentication methods you want users to use for MFA.

  10. Enter a profile name.
  11. Select the authentication methods.

  12. Click OK.
  13. Click Save.