Search Results :

×

Administrator Handbook

How to Manage MFA Methods for users

1. Configure the Default MFA Method for Users: 

  1. The default method is assigned to the user account when it is created, If MFA is enabled for any of the
    applications, the use will be prompted to complete the MFA with this method.
  2. Go to 2-Factor Authentication > 2FA options for EndUsers For Users from the side menu.
  3. Under the Select Default Authentication method section, select the MFA method you want to set as default.
    [OTP over Email is the default one at the time of account creation.]
  4. Click on Save to update the Default MFA method for Users.
  5. Now any newly created user will have the selected method as the default MFA method.

2. How to manage the MFA methods that are allowed for users:

  1. Under the SELECT ALLOWED 2FA METHODS section keep the MFA methods enabled to which you want the users to have access and disable remaining methods.

  2. Click on Save to save the updates.

3. Allow Users to choose the MFA method at the time of login:

  1. If you would like to give the users the choice to select the MFA method with which they would like to complete the authentication, this option has to be enabled. If enabled, the users are prompted to select an MFA method from all methods that are allowed by the admin and are configured by the end user.
  2. Under the SELECT THE 2FA METHOD AT THE TIME OF LOGIN. Section enable the Enable this option if you want users to choose the 2FA method at the time of Login option.

  3. Click on Save to save the updated settings.

4. Inline Registration Configuration Section : 

  1. Skip Alternate Login Method (KBA) Configuration during Inline Registration
    1. This functionality gives you a choice to ask the KBA questions during inline registration.
    2. Go to 2-Factor Authentication > Configure 2FA For Users from the side menu.
    3. If you want to skip this, enable the Skip alternate login method(KBA) tab.

    4. Then click on Save to save the updates.
  2. Enforce users to set up their 2FA Method on First Login:
    1. If enabled, this option forces the users to configure their MFA method at the very first login. This makes sure that the user has atleast one MFA method configured .
    2. Go to 2-Factor Authentication > Configure 2FA For Users from the side menu.
    3. Under the Inline Registration Configuration Section enable the Enforce users to set up their 2FA Method on First Login option.

    4. Click on Save to save the updates.

    5. How to check the currently configured method for the end users : 

    1. Go to Users >  Users List from the side menu.
    2. Go to the app you created and click on the select button to choose Change Second Factor.

    3. Now select which second factor you want to reset.

    4. Now, you should be able to see the currently active MFA method for each user in the “Second Factor Type” column.
Hello there!

Need Help? We are right here!
support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com