It will be great if there is capability to the admins forcing all users to use MFA only in login. admin should be able to force and prevent users from disabling MFA
Tie them to your identity management solution for your network. You can use that to enforce MFA.
Built in users such as the portal admin and other users NOT members in a IdP can opt out of MFA. This goes against many large companies' security policies. It would be great if we can force ALL Portal built in user to use MFA.
Can ESRI reply to this question.
Without enforce the policy for the use of multifactor authentication it is not an useful option.
It seem also not possible even to check (with an api call) if this user option is enabled.
So:
- make an option to enforce the policy
- extend the api to check if the user has enabled this policy
(https://developers.arcgis.com/python/api-reference/arcgis.gis.toc.html#user )
the call here show only if the adminstrator turn on the possibility (or am I wrong?)
mfaEnabled | Indicates if the user’s account has multifactor authentication set up. |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.