About MFA enrollment policies

Use the Multifactor Policies tab to create and enforce policies for your chosen MFA factors and the groups that are subject to them. Sign-on policies determine the types of authentication challenges these users receive.

An MFA policy can be based on a variety of factors, such as location, group definitions, and authentication type. It can also specify actions to take, such as allowing access or prompting for a challenge.

  • Add a new policy by navigating to Factor Enrollment and clicking Add Multifactor Policy.
  • Change the order of policies, except the Default Policy, by dragging the bar on the blue policy name, thereby rearranging the list.
  • The Default Policy: The default policy applies when no other policy has been set. It also immediately reflects the factors you chose under the Factor Type tab.

Related topics

Configure an MFA enrollment policy

App condition for MFA enrollment policies

Factor Sequencing

Sign-on policies