Use the Multifactor Policies tab to create and enforce policies for your chosen MFA factors and the groups that are subject to them. Sign-on policies determine the types of authentication challenges these users receive.
An MFA policy can be based on a variety of factors, such as location, group definitions, and authentication type. It can also specify actions to take, such as allowing access or prompting for a challenge.
- Add a new policy by navigating to Factor Enrollment and clicking Add Multifactor Policy.
- Change the order of policies, except the Default Policy, by dragging the bar on the blue policy name, thereby rearranging the list.
- The Default Policy: The default policy applies when no other policy has been set. It also immediately reflects the factors you chose under the Factor Type tab.