MFA options in Shared Services

In addition to the user name and password authentication that are required at login, the following table lists the authentication mechanisms for first and second challenges for end users, and what is supported by each shared service.

Learn how to set up different MFA solutions. See Configure Identity Administration MFA.

First challenge

Challenge 1: Supported authentication methods
Authentication mechanism	Supported by
Mobile Authenticator	Privilege Cloud DPA (Windows - RDP)
Phone call	Privilege Cloud DPA (Windows - RDP)
OATH OTP client	Privilege Cloud
Text message (SMS) confirmation code	Privilege Cloud DPA (Windows - RDP)
Duo	Privilege Cloud
Email confirmation code	Privilege Cloud DPA (Windows - RDP)
QR code	DPA (Windows - RDP)
FIDO2 Authenticator(s) (single-factor)
FIDO2 Authenticator(s) (multi-factor)
Password	Privilege Cloud DPA (Linux - SSH) DPA (Windows - RDP)
Security question(s)	Privilege Cloud
3rd party RADIUS authentication	Privilege Cloud DPA (Windows - RDP) DPA (Linux - SSH)

Second challenge

Challenge 2: Supported authentication methods
Authentication mechanism	Supported by
Mobile Authenticator	Privilege Cloud DPA (Windows - RDP)
Phone call	Privilege Cloud DPA (Windows - RDP)
OATH OTP client	Privilege Cloud
Text message (SMS) confirmation code	Privilege Cloud DPA (Linux - SSH) DPA (Windows - RDP)
Duo	Privilege Cloud
Email confirmation code	Privilege Cloud DPA (Linux - SSH) DPA (Windows - RDP)
QR code	DPA (Windows - RDP)
FIDO2 Authenticator(s) (single-factor)
FIDO2 Authenticator(s) (multi-factor)
Password	Privilege Cloud DPA (Windows - RDP)
Security question(s)	Privilege Cloud DPA (Linux - SSH)
3rd party RADIUS authentication	Privilege Cloud DPA (Windows - RDP) DPA (Linux - SSH)

Additional authentication methods

Additional supported authentication methods
Authentication mechanism	Supported by
SAML support	DPA (Linux - SSH) DPA (Windows - RDP)