/
New Feature EP-3985 MFA - Configurable MFA Method Requirement for User Types

New Feature EP-3985 MFA - Configurable MFA Method Requirement for User Types

Overview

 

Loaded live in release 5.26.0 we have created new configurable options that allow you to specify whether or not certain user types should have the MFA method associated with their account.

Changes to Functionality

In the configuration page, found in the system management menu item, we have added a set of new toggle options for each user type in epaPRO. These options can be found under the MFA tab and are denoted by a title stating “Required For” and then each user type with a toggle option and description.

image-20240812-104637.png
System Management → Configuration → MFA options per user type

Enabling these options will cause a new check to be carried out whenever the user attempts to log into the system. If the user type of the user is set as “requiring MFA” and the user does not have a valid MFA method configured currently, then when logging in they will be redirected to their profile page with a warning stating that they are required to configure an MFA method.

Please Note: This option is currently a “Soft Requirement“, meaning that the user is still able to use the system even when the user type option is enabled. However, each time they attempt to login they will be redirected back to the MFA screen with the aforementioned warning message.

image-20240812-105124.png
Warning prompt in users profile.

 

Impacted Areas

  • System Management → Configuration → MFA

  • Log In

  • My Profile

Permissions

  • None