Select to view content in your preferred language

Multi-Factor Authentication (MFA) Force for all users

1126
3
02-08-2023 11:22 PM
Status: Open
ahmed2badr
Occasional Contributor

It will be great if there is capability to the admins forcing all users to use MFA only in login. admin should be able to force and prevent users from disabling MFA 

Tags (1)
3 Comments
John_Spence

Tie them to your identity management solution for your network. You can use that to enforce MFA.

versta
by

Built in users such as the portal admin and other users NOT members in a IdP can opt out of MFA. This goes against many large companies' security policies. It would be great if we can force ALL Portal built in user to use MFA.

JeroenBaltussen1

Can ESRI reply to this question.

Without enforce the policy for the use of multifactor authentication it is not an useful option.

It seem also not possible even to check (with an api call) if this user option is enabled.

So:

- make an option to enforce the policy

- extend the api to check if the user has enabled this policy

 (https://developers.arcgis.com/python/api-reference/arcgis.gis.toc.html#user )

the call here show only if the adminstrator turn on the possibility (or am I wrong?)

mfaEnabled

Indicates if the user’s account has multifactor authentication set up.